If you are having issues with the gpg-agent after a reboot, check my newer post for a quick-n-dirty fix.
#Use yubikey with gpg suite serial number
You should see the details of your YubiKey (card) in the console. Take note of the Serial Number of the card; it might be of use later in the setup.
#Use yubikey with gpg suite update
If your bash profile does not specify a language with LANG, gnupg2 will try to guess the best language for you. For some unknown reason, my installation decided that it'd be better in Spanish and while the intention is appreciated, the command line utilities are a bit wonky in languages other than English. We'll set the appropriate LANG environment variable in the bash profile to en.

    echo 'export LANG=en' >> ~/.bash_profile

Along with GnuPG, we've installed a utility called gpg-agent which operates as a link between the YubiKey and the underlying GPG libraries. In order to improve the compatibility between macOS and the YubiKey, we need to add the following lines to the gpg-agent configuration file located in ~/.gnupg/nf

    pinentry-program /usr/local/bin/pinentry-mac

We also need to update the shell environment to allow ssh to use gpg-agent as an authentication service. (Note: the single quote ( ') and double quotes ( ") behave differently in shell/bash)

    echo 'export GPG_TTY=$(tty)' >> ~/.bash_profile
    echo 'export SSH_AUTH_SOCK=$HOME/.gnupg/S.gpg-agent.ssh' >> ~/.bash_profile

Close all your current terminal windows and restart the Terminal application.

Restart the gpg-agent service and update its settings:

    gpg-connect-agent killagent /bye

Finally, insert your YubiKey in a USB port and check if it is being correctly detected by running the command:

    gpg --card-status
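The profile lines above are easy to get subtly wrong: double quotes expand `$(tty)` at the moment the line is written, and `>` replaces the profile instead of appending to it. As an added example that is not part of the original guide, this script checks a profile and an agent config file for the guide's settings; the function names and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit a profile and an agent config for the guide's settings.
# File paths are arguments; nothing here talks to gpg-agent or the card.

# Print one finding per line; print nothing when the profile looks right.
check_profile() {
    profile=$1
    # GPG_TTY must be stored unexpanded so each new terminal evaluates $(tty).
    if ! grep -q '^export GPG_TTY=' "$profile"; then
        echo "GPG_TTY is not exported"
    elif ! grep -Fq 'export GPG_TTY=$(tty)' "$profile"; then
        echo "GPG_TTY is hard-coded (expanded when the line was written)"
    fi
    # ssh only uses the card if SSH_AUTH_SOCK names gpg-agent's ssh socket.
    if ! grep -q '^export SSH_AUTH_SOCK=.*S\.gpg-agent\.ssh' "$profile"; then
        echo "SSH_AUTH_SOCK does not point at S.gpg-agent.ssh"
    fi
    if ! grep -q '^export LANG=en' "$profile"; then
        echo "LANG is not set to en"
    fi
}

# Check the agent config for the pinentry line the guide adds.
check_agent_conf() {
    if ! grep -q '^pinentry-program .*pinentry-mac$' "$1"; then
        echo "pinentry-program is not pinentry-mac"
    fi
}

# Constructed samples: "good" appends single-quoted lines; "bad" uses double
# quotes (so $(tty) expands immediately) and '>' (so earlier lines are lost).
make_samples() {
    dir=$1
    : > "$dir/good"
    echo 'export LANG=en' >> "$dir/good"
    echo 'export GPG_TTY=$(tty)' >> "$dir/good"
    echo 'export SSH_AUTH_SOCK=$HOME/.gnupg/S.gpg-agent.ssh' >> "$dir/good"
    echo 'export LANG=en' > "$dir/bad"
    echo "export GPG_TTY=$(tty)" > "$dir/bad"
}

demo_dir=$(mktemp -d)
make_samples "$demo_dir"
echo "good:"; check_profile "$demo_dir/good"
echo "bad:";  check_profile "$demo_dir/bad"
rm -rf "$demo_dir"
```

To audit a real setup, call `check_profile ~/.bash_profile` and pass your gpg-agent configuration file to `check_agent_conf`.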
#Use yubikey with gpg suite install
Note: I've written an updated guide for macOS Catalina

This guide was tested on my current development setup:

- Local: macOS 10.13.5 High Sierra on a MacBook Pro 15-inch Touchbar.
- Remote: AWS EC2 Ubuntu 18.04 LTS (Server, Bionic Beaver)

And for the hardware, I'm using a couple of YubiKey 4. I highly recommend that you get at least a pair of them.

Note: throughout the guide and in the GnuPG references, the YubiKey is referred to as a card, while key refers to an RSA key.

We need to install some utilities in the local machine to provide the basic functionality to interface with the YubiKey.

GnuPG is a complete and free implementation of the OpenPGP standard as defined by RFC4880 (also known as PGP). GnuPG allows you to encrypt and sign your data and communications; it features a versatile key management system, along with access modules for all kinds of public key directories. GnuPG, also known as GPG, is a command line tool with features for easy integration with other applications. A wealth of frontend applications and libraries are available. GnuPG also provides support for S/MIME and Secure Shell (ssh).

The easiest way to install GnuPG in macOS is by using Homebrew:

    brew install gnupg2 gpg-agent pinentry-mac