On Mon, Jul 10, 2023 at 3:54 PM Bernhard Reiter wrote:
>
> Michael,
>
> Am Freitag 07 Juli 2023 20:32:15 schrieb Michael Richardson:
> > > I should eventually describe the environment.
> >
> > Yes please.
> > Could it go into a wiki page or something that people can comment on and/or
> > amend?
>
> feel free to open a page with the info that Werner has already given on
> https://wiki.gnupg.org
This may be a good starting point: https://github.com/drduh/YubiKey-Guide
In fact, there I finally found how to set the default Yubikey used by
"gpg --card-edit" when you have multiple keys inserted (remember
AlmaLinux9, gnupg2-2.3.3-2.el9_0.x86_64):
$ ykman list
YubiKey 5 NFC (5.4.3) [CCID] Serial: 18137XXX
YubiKey 5 NFC (5.4.3) [CCID] Serial: 18137YYY
YubiKey 5 NFC (5.4.3) [CCID] Serial: 18137ZZZ
$
$ gpg --card-status | grep -E "^Reader|^Application ID|^Serial number"
Reader ...: Yubico YubiKey CCID 03 00
Application ID ...: D27600012401000618137XX
Serial number : 18137XXX
$
$ gpg --card-status all | grep -E "^Reader|^Application ID|^Serial number"
Reader ...: Yubico YubiKey CCID 03 00
Application ID ...: D27600012401000618137XXX
Serial number : 18137XXX
Reader ...: Yubico YubiKey CCID 02 00
Application ID ...: D27600012401000618137YYY
Serial number : 18137YY
Reader ...: Yubico YubiKey CCID 00 00
Application ID ...: D27600012401000618137ZZZ
Serial number : 18137ZZ
$
$
$ gpg-connect-agent 'SCD SERIALNO help' /bye
[...]
# SERIALNO [--demand=] [--all] []
[...]
$
$ gpg-connect-agent 'scd serialno
--demand=D27600012401000618137YYY' /bye
S SERIALNO D27600012401000618137YYY
OK
$
$ gpg --card-status | grep -E "^Reader|^Application ID|^Serial number"
Reader ...: Yubico YubiKey CCID 02 00
Application ID ...: D27600012401000618137YYY
Serial number : 18137YYY
$
$ gpg --card-edit
Reader ...: Yubico YubiKey CCID 02 00
Application ID ...: D27600012401000618137YYY
Application type .: OpenPGP
Version ..: 0.0
Manufacturer .: Yubico
Serial number : 18137YYY
Name of cardholder: [not set]
Language prefs ...: [not set]
Salutation ...:
URL of public key : [not set]
Login data ...: [not set]
Signature PIN : not forced
Key attributes ...: rsa4096 rsa4096 rsa4096
Max. PIN lengths .: 127 127 127
PIN retry counter : 5 5 5
Signature counter : 4
KDF setting ..: on
UIF setting ..: Sign=on Decrypt=on Auth=on
Signature key : ABCD 1234
created : 2023-07-14 07:48:45
Encryption key: ABCD 1234
created : 2023-07-14 07:48:45
Authentication key: ABCD 1234
created : 2023-07-14 07:48:45
General key info..:
pub rsa4096/...
sec> rsa4096/XYZ987... created: 2023-07-14 expires: never
card-no: 0006 18137YYY
ssb> rsa4096/XYZ987... created: 2023-07-14 expires: never
card-no: 0006 18137YYY
ssb> rsa4096/XYZ987... created: 2023-07-14 expires: never
card-no: 0006 18137YYY
gpg/card> admin
Admin commands are allowed
gpg/card> generate
Make off-card backup of encryption key? (Y/n) n
[...]
>
> Regards,
> Bernhard
Regards,
Juanjo
> --
> https://intevation.de/~bernhard +49 541 33 508 3-3
> Intevation GmbH, Osnabrück, DE; Amtsgericht Osnabrück, HRB 18998
> Geschäftsführer Frank Koormann, Bernhard Reiter
> ___
> Gnupg-users mailing list
> Gnupg-users@gnupg.org
> https://lists.gnupg.org/mailman/listinfo/gnupg-users
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
https://lists.gnupg.org/mailman/listinfo/gnupg-users
