FW: yubikey public key

Mead, Jennifer Jennifer.Mead at pacificorp.com
Thu Apr 4 16:16:58 CEST 2019

Second try.

From: Mead, Jennifer
Sent: Monday, April 1, 2019 2:24 PM
To: 'gnupg-users-request at gnupg.org' <gnupg-users-request at gnupg.org>
Subject: yubikey public key

Hi Everyone,

I got a yubikey 5 working with Gnupg agent by writing the key direct to the card on CentOS 7.  Then I was tasked with writing documentation for others to do the same.   I have to admit that I had been at it quite a while (trying different ways of accomplishing it) and wasn't able to instant recall all my steps.

What other folks are struggling with (just guessing this is the issue) is that when they dump the public key (to move to another server and add to the authorized_keys file) they get a different style output than I do.  I get a string that ends with cardno:NNNNNNNNNNNN and they get a regular key (bigger and without card reference).

I am hoping that someone on this forum/list will have an easy answer to that problem.  I don't remember running a converter to change the public key format.  I don't remember doing anything special.  I did generate my key on the card, but I am having them do the same thing.  Generating direct to card is a security requirement here.

I tried to run gpg with the flag -export-ssh-key and that is not available on gpg2 on CentOS 7 (I get invalid option).  Not that I think that will fix my issue, I am just desperate to find what I did different to get the cardno:NNNNNNNNNNNN public key exported.  Any help is appreciated.


Jennifer (Jen) Mead
Security Engineer
Jennifer.Mead at pacificorp.com<mailto:Jennifer.Mead at pacificorp.com>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20190404/c7edfcea/attachment-0001.html>

More information about the Gnupg-users mailing list