[prev in list] [next in list] [prev in thread] [next in thread]
List: gnupg-users
Subject: Re: "gpg --card-edit" with multiple card readers (Yubikey)
From: Juanjo via Gnupg-users <gnupg-users () gnupg ! org>
Date: 2023-07-07 12:22:46
Message-ID: CANRz7yXqvB+fcLrr8HC=Vv=zYWU2j1ReBEQoQ-4=7RKH8SkmxA () mail ! gmail ! com
[Download RAW message or body]
On Fri, Jul 7, 2023 at 1:12 PM Werner Koch <wk@gnupg.org> wrote:
>
> On Fri, 7 Jul 2023 11:19, Juanjo said:
>
> > I'm using "gpg (GnuPG) 2.3.3" on AlmaLinux 9 and it works fine with a
> > single "YubiKey 5 USB (5.4.3) [CCID]".
>
> You should get a recent version. Even Fedora comes with 2.4.0
OK, I will try to recompile gnupg RPM from Fedora sources.
> > So, is there a way to select a specific Yubikey for the "gpg --card-edit"
> > command?
>
> GnuPG 2.3 and later supports several readers and thus the reader-port
> option of scdaemon is not really useful anymore. Please have a look at
> gpg-card [1], this new tool will eventually replace gpg --card-edit but
> it is different because it supports all kind of cards. There is even a
> yubikey control command. It depends on what you actually want to do.
I will take a look at gpg-card.
Our setup is very simple, we disabled all NFC Applications on the
Yubikey and also disabled all USB applications except OPENPGP.
Then we generate a PGP certificate on Yubikey and use it to access our
servers via SSH (by using the ability of gpg-agent to act as
ssh-agent).
This works fine with a single Yubikey, but we wanted to have more than
one connected at the same time in order to batch-configure them and
even to try to use multiple SSH key authentication in specific target
servers.
> Shalom-Salam,
>
> Werner
Thanks for your fast response, Werner.
Regards,
Juanjo
> [1] https://gnupg.org/documentation/manuals/gnupg24/gpg-card.1.html
>
> --
> The pioneers of a warless world are the youth that
> refuse military service. - A. Einstein
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
https://lists.gnupg.org/mailman/listinfo/gnupg-users
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic