"gpg --card-edit" with multiple card readers (Yubikey)
Andrew Gallagher
andrewg at andrewg.com
Mon Jul 17 17:36:39 CEST 2023
On 15 Jul 2023, at 20:36, Michael Richardson <mcr at sandelman.ca> wrote:
>
> Juanjo via Gnupg-users <gnupg-users at gnupg.org> wrote:
>
>> This may be a good starting point:
>> https://github.com/drduh/YubiKey-Guide
>
> "Keys stored on YubiKey are non-exportable (as opposed to file-based keys
> that are stored on disk) and are convenient for everyday use. "
>
> In my case, I want the same key on multiple devices, which 3 to 5 core
> members of an open source project will hold.
> (I am also considering if we want a higher security key which would be secret
> split across those keys, but we aren't building a CA here, but..)
>
> Is that possible with these devices?
>
> In some cases keys can be transfered in an encrypted form for another device,
> but not recovered by outsiders.
This is not possible with a Yubikey. If you want the same (sub)keys on multiple devices you must generate them on your laptop and copy them to each device in turn, remembering not to delete until you’re done.
A
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: Message signed with OpenPGP
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20230717/851860f8/attachment.sig>
More information about the Gnupg-users
mailing list