"gpg --card-edit" with multiple card readers (Yubikey)
Juanjo
villapla+gnupg-users at uji.es
Mon Jul 17 09:01:30 CEST 2023
On Sat, Jul 15, 2023 at 9:36 PM Michael Richardson <mcr at sandelman.ca> wrote:
>
>
> Juanjo via Gnupg-users <gnupg-users at gnupg.org> wrote:
> >> should eventually describe the environment.
> >> >
> >> > Yes please. > Could it go into a wiki page or something that people
> >> can comment on and/or > amend?
> >>
> >> feel free to open a page with the info that Werner has already given
> >> on https://wiki.gnupg.org
>
> > This may be a good starting point:
> > https://github.com/drduh/YubiKey-Guide
>
> "Keys stored on YubiKey are non-exportable (as opposed to file-based keys
> that are stored on disk) and are convenient for everyday use. "
>
> In my case, I want the same key on multiple devices, which 3 to 5 core
> members of an open source project will hold.
> (I am also considering if we want a higher security key which would be secret
> split across those keys, but we aren't building a CA here, but..)
>
> Is that possible with these devices?
>
> In some cases keys can be transfered in an encrypted form for another device,
> but not recovered by outsiders.
We use keys generated into the yubikey, but I think the wiki
YubiKey-Guide in my previous e-mail just covers your use case:
generate GPG keys outside the Yubikey, backup them, and then transfer
the generated keys to a single or multiple Yubikeys.
Regards,
Juanjo
More information about the Gnupg-users
mailing list