Hello, Michael Shuler <mich...@pbandjelly.org> wrote on 06/04/2024 at 16:31:28+0200:
> On 4/5/24 10:30, Pierre-Elliott Bécue wrote: >> Pierre-Elliott Bécue <p...@debian.org> wrote on 31/03/2024 at 14:31:37+0200: >>> Wookey <woo...@wookware.org> wrote on 31/03/2024 at 04:34:00+0200: >>> >>>> On 2024-03-30 20:52 +0100, Ansgar 🙀 wrote: >>>>> Yubikeys, Nitrokeys, GNUK, OpenPGP smartcards and similar devices. >>>>> Possibly also TPM modules in computers. >>>>> >>>>> These can usually be used for both OpenPGP and SSH keys. >>>> >>>> Slightly off-topic, but a couple of recent posts have given me the >>>> same thought: >>>> >>>> Can someone point to good docs on this? I've had a yubikey for 3/4 of >>>> a year now but have not yet worked out how I put my GPG key in it. (or >>>> if it should be another key, or a subkey, or whatever). So I'm not >>>> actually using it yet. >>>> >>>> PEB also described what sounded like a very sensible way to manage >>>> keys (using subkeys) in one of these threads but I don't know how to >>>> do that myself. >>> >>> I have started (and never finished) a blog article on how I use my >>> YubiKey and what config I put in it. I'll definitely try to get it out >>> before the end of next week. I'll probably extend it to mention the >>> creation of GPG subkeys etc. >>> >>> I would also be happy if it helps my fellow DDs to try making an article >>> about some basic crypto concepts regarding PGP, RSA et al. But not in >>> the same piece I guess. >> Hello, >> For those interested in: I've published two articles: >> 1. One on PGP subkeys https://pe.becue.phd/openpgp-subkeys >> 2. One on the OpenPGP module of YubiKeys: >> https://pe.becue.phd/yubikey-workfow-openpgp >> I'm happy to receive any kind of constructive feedback. >> > > Thank you so much for working on these. I last-minute cobbled together > a BOF on GPG Key Best Practices at Columbia in 2010, since the topic > came up in another talk. I was blown away at how much I did not know, > the complexity, as well as how many people crammed in that room - > definitely there are interested people (I think Wookey was there, > too?). I include myself in each of the things others mentioned, that I > should have been doing since then, but just never got around to.. At > least I now have a fist full of Yubikeys to play with, as we use them > at work, so thanks for your work. I appreciate it, and I'm guessing > there's a rather large, quiet group of people thinking the same. I'm very happy if it helps as little as one person. I do intend to add articles to both series, as I think these topics are really interesting, and having a good knowledge is a good way to take educated decisions. Thanks forn your feedback! -- PEB Nota: I did make some changes based on some feedback I already received, thanks for those having spent the time reading.
signature.asc
Description: PGP signature