On my system (Linux Mint) `gpgconf --list-dirs agent-ssh-socket` does return all dirs and not only the one for agent-ssh-socket hence `ssh-add -L` was failing. This is a hint for other people to troubleshoot this behaviour.
Section `Creating keys` ends with `Disable networking for the
remainder of the setup.`. All instructions that require a network
should be before this sentence.
IdentityFiles can be passed to ssh via `-i`, not `-l`.
The next paragraph mentions the correct argument.
ref commit 52c8324fa2,
part of PR drduh/YubiKey-Guide#65
This commit applies a few editorial cleanups to the document:
1. `keytocard` operations now contained emphasized warnings to convey
that these operations are destructive. I unknowingly made this
mistake a few years ago and only learned of it recently. For that
reason, we should go out of our way on user's behalf with due
diligence warnings.
2. `$KEYID` was not uniformly used throughout the document in various
command line input literals. This is now fixed.
3. `YubiKey` was often represented as `Yubikey` and other
inconsistent forms throughout the document. This is now fixed,
except in cases of URL, command output, etc.
Two commands mentioned later in the document won't work without two packages that don't come pre-installed with the Debian LiveCD: dirmngr and secure-delete.
"gpg SHA512SUMS.sign" would do the right thing only if the file actually
contained a detached signature.
Use explicit and robust "gpg --verify SHA512SUMS.sign SHA512SUMS"
instead.