parent
753b8e7a3b
commit
09f3822a19
12
README.md
12
README.md
|
@ -46,7 +46,7 @@ If you have a comment or suggestion, please open an [Issue](https://github.com/d
|
||||||
- [Prerequisites](#prerequisites)
|
- [Prerequisites](#prerequisites)
|
||||||
- [WSL configuration](#wsl-configuration)
|
- [WSL configuration](#wsl-configuration)
|
||||||
- [Remote host configuration](#remote-host-configuration)
|
- [Remote host configuration](#remote-host-configuration)
|
||||||
- [Multiple keys](#Multiple-keys)
|
- [Multiple Keys](#multiple-keys)
|
||||||
- [Require touch](#require-touch)
|
- [Require touch](#require-touch)
|
||||||
- [Email](#email)
|
- [Email](#email)
|
||||||
- [Reset](#reset)
|
- [Reset](#reset)
|
||||||
|
@ -1783,11 +1783,11 @@ On the remote host, type `ssh-add -l` - if you see the ssh key, that means forwa
|
||||||
|
|
||||||
**Note** Agent forwarding may be chained through multiple hosts - just follow the same [protocol](#remote-host-configuration) to configure each host.
|
**Note** Agent forwarding may be chained through multiple hosts - just follow the same [protocol](#remote-host-configuration) to configure each host.
|
||||||
|
|
||||||
# multiple keys
|
# Multiple Keys
|
||||||
|
|
||||||
GnuPG doesn't store the serial number of the first key it has seen - [#T2291](https://dev.gnupg.org/T2291).
|
If a you want to use multiple YubiKeys with a single identity - or to replace a lost card with another, delete the GnuPG shadowed key - where the card serial number is stored (see [GnuPG #T2291](https://dev.gnupg.org/T2291)).
|
||||||
|
|
||||||
If a YubiKey is lost and replaced, delete GnuPG's shadowed key - where the serial number is stored. Find the `Keygrip` number of each key:
|
Find the `Keygrip` number of each key:
|
||||||
|
|
||||||
```console
|
```console
|
||||||
$ gpg --with-keygrip -k $KEYID
|
$ gpg --with-keygrip -k $KEYID
|
||||||
|
@ -1806,7 +1806,7 @@ sub rsa4096/0x3F29127E79649A3D 2017-10-09 [A] [expires: 2018-10-09]
|
||||||
Then delete all the shadow keys using their `Keygrip` number:
|
Then delete all the shadow keys using their `Keygrip` number:
|
||||||
|
|
||||||
```console
|
```console
|
||||||
$ cd .gnupg/private-keys-v1.d
|
$ cd ~/.gnupg/private-keys-v1.d
|
||||||
|
|
||||||
$ rm 85D44BD52AD45C0852BD15BF41161EE9AE477398.key \
|
$ rm 85D44BD52AD45C0852BD15BF41161EE9AE477398.key \
|
||||||
A0AA3D9F626BDEA3B833F290C7BCA79216C8A996.key \
|
A0AA3D9F626BDEA3B833F290C7BCA79216C8A996.key \
|
||||||
|
@ -1819,6 +1819,8 @@ Insert the new YubiKey and re-generate shadow-keys by checking card status:
|
||||||
$ gpg --card-status
|
$ gpg --card-status
|
||||||
```
|
```
|
||||||
|
|
||||||
|
See discussion in Issues [#19](https://github.com/drduh/YubiKey-Guide/issues/19) and [#112](https://github.com/drduh/YubiKey-Guide/issues/112) for more information and troubleshooting steps.
|
||||||
|
|
||||||
# Require touch
|
# Require touch
|
||||||
|
|
||||||
**Note** This is not possible on YubiKey NEO.
|
**Note** This is not possible on YubiKey NEO.
|
||||||
|
|
Loading…
Reference in New Issue