Merge pull request #218 from DevSecNinja/devsecninja/addPowerShellCommand

Add PowerShell command to get YubiKey name
This commit is contained in:
drduh 2020-11-21 10:59:23 -08:00 committed by GitHub
commit fc6f9eb80d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 10 additions and 3 deletions

View File

@ -2172,15 +2172,22 @@ $ doas reboot
## Windows ## Windows
Windows can already have some virtual smartcard readers installed, like the one provided for Windows Hello. To ensure your YubiKey is the correct one used by scdaemon, you should add it to its configuration. You will need your device's full name. To find out what is your device's full name, plug your YubiKey, open the Device Manager, select "View > Show hidden devices". Go to the Software Devices list, you should see something like `Yubico YubiKey OTP+FIDO+CCID 0`. The name slightly differs according to the model. Thanks to [Scott Hanselman](https://www.hanselman.com/blog/HowToSetupSignedGitCommitsWithAYubiKeyNEOAndGPGAndKeybaseOnWindows.aspx) for sharing this information. Windows can already have some virtual smartcard readers installed, like the one provided for Windows Hello. To ensure your YubiKey is the correct one used by scdaemon, you should add it to its configuration. You will need your device's full name. To find out what is your device's full name, plug your YubiKey and open PowerShell to run the following command:
```` powershell
PS C:\WINDOWS\system32> Get-PnpDevice -Class SoftwareDevice | Where-Object {$_.FriendlyName -like "*YubiKey*"} | Select-Object -ExpandProperty FriendlyName
Yubico YubiKey OTP+FIDO+CCID 0
````
The name slightly differs according to the model. Thanks to [Scott Hanselman](https://www.hanselman.com/blog/HowToSetupSignedGitCommitsWithAYubiKeyNEOAndGPGAndKeybaseOnWindows.aspx) for sharing this information.
* Create or edit `%APPDATA%/gnupg/scdaemon.conf` to add: * Create or edit `%APPDATA%/gnupg/scdaemon.conf` to add:
``` ```
reader-port <your yubikey device's full name> reader-port <your yubikey device's full name, e.g. Yubico YubiKey OTP+FIDO+CCID 0>
``` ```
* Edit `%APPDATA%/gnupg/gpg-agent.conf` to add: * Create or edit `%APPDATA%/gnupg/gpg-agent.conf` to add:
``` ```
enable-ssh-support enable-ssh-support