
List:       gnupg-users
Subject:    Re: "gpg --card-edit" with multiple card readers (Yubikey)
From:       Michael Richardson <mcr+ietf () sandelman ! ca>
Date:       2023-07-17 17:36:02
Message-ID: 18475.1689615362 () localhost


Andrew Gallagher <andrewg@andrewg.com> wrote:
    >> Juanjo via Gnupg-users <gnupg-users@gnupg.org> wrote:
    >>
    >>> This may be a good starting point:
    >>> https://github.com/drduh/YubiKey-Guide
    >>
    >> "Keys stored on YubiKey are non-exportable (as opposed to file-based
    >> keys that are stored on disk) and are convenient for everyday use. "
    >>
    >> In my case, I want the same key on multiple devices, which 3 to 5 core
    >> members of an open source project will hold.  (I am also considering
    >> if we want a higher security key which would be secret split across
    >> those keys, but we aren't building a CA here, but..)
    >>
    >> Is that possible with these devices?
    >>
    >> In some cases keys can be transferred in an encrypted form for another
    >> device, but not recovered by outsiders.

    > This is not possible with a Yubikey. If you want the same (sub)keys on
    > multiple devices you must generate them on your laptop and copy them to
    > each device in turn, remembering not to delete until you're done.

Okay, so in this case we are using the Yubikey only as storage, equivalent
essentially to USB storage?  Or does it still do crypto on the device?

--
Michael Richardson <mcr+IETF@sandelman.ca>   . o O ( IPv6 IøT consulting )
           Sandelman Software Works Inc, Ottawa and Worldwide




