GPG/YubiKey/CentOS7

Mead, Jennifer Jennifer.Mead at pacificorp.com
Fri Jun 21 20:42:28 CEST 2019


Hi All,

Even though I have had GPG and YubiKey running a few times on CentOS7, I lost all my notes and install guides. I am hung up on getting the public key from the YubiKey.

I wrote the gpg keys right on the yubikey, and I can query and see that gnupg knows all about it and sees it as a card.

/home/p42547/.gnupg/pubring.gpg
-------------------------------
pub   2048R/C5778901 2019-06-20
uid                  Jen Mead (yubikey) <jennifer.mead at pacificorp.com>
sub   2048R/8293401A 2019-06-20
sub   2048R/A558FD7E 2019-06-20

[p42547 at cswks20~] > gpg --list-secret-keys
/home/p42547/.gnupg/secring.gpg
-------------------------------
sec>  2048R/C5778901 2019-06-20
      Card serial no. = 0006 09042340
uid                  Jen Mead (yubikey) <jennifer.mead at pacificorp.com>
ssb>  2048R/8293401A 2019-06-20
ssb>  2048R/A558FD7E 2019-06-20

[p42547 at cswks20~] > ssh-add
[p42547 at cswks20~] > ssh-add -l
error fetching identities for protocol 1: agent refused operation
2048 SHA256:dj02A/DHL0RKuJuMLBX14CaQ6RriT0uqY0sXqTNPoW4 cardno:000609042340 (RSA)

[p42547 at cswks20~] > gpg --export-secret-keys $KEYID | openpgp2ssh $KEYID
We cannot handle encrypted secret keys.  Skipping!

I never encrypted this key.  So why is it coming out encrypted?

gpg --export-secret-keys C5778901 gives me an ASCII file that then complains about not being openpgp. It also is missing the cardno in the public file, which tells the server to look at the yubikey for the matching key. I am more than confused. Can anyone tell me how to properly get the public key off of the yubikey to present to other servers?

Regards,

Jennifer (Jen) Mead
Security Engineer
503.813.5373
Jennifer.Mead at pacificorp.com
