Tutorial: Set up a YubiKey for GPG and SSH!
Hey Brian! This is the best explanation I’ve ever seen on the entire Web! I’d have rated it 10 stars if I could.
You may need to restart your gpg agent (guess)?
gpg-connect-agent reloadagent /bye
Either way, run gpg --list-secret-keys and you shouldn’t see a > next to your
I’m guessing you cannot import your key because the stub of the key (the one on the YubiKey) already exists.
I’m sure there is a better way to do this, but the quick and dirty way would be to create a new key ring:
1. stop the GPG agent
2. move your ~/.gnupg directory out of the way
mv ~/.gnupg ~/.gnupg.bak
3. import your secret key (a new key ring should be created)
Assuming that works you could move the keys to a new device, and restore your old
Again, I’m sure there is a better way to do this by telling GPG that you no longer want to use the smart card to manage the key.
Anyway, give that a shot and let me know. If something like that works, maybe I can spend a bit of time adding another section to this post about managing multiple keys.
I’ll try to find some time to add a section on using multiple keys!
Thanks for that, Brian. Really well written and succinct.
I found one issue. This won’t work for users of ARM-based Macs because the Homebrew directory is different.
# configure gpg-agent to use this pinentry application
echo "pinentry-program /usr/local/bin/pinentry-mac" >> ~/.gnupg/gpg-agent.conf
This will work on all Macs:
echo "pinentry-program $(which pinentry-mac)" >> ~/.gnupg/gpg-agent.conf
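An added example, not part of the comments above or of the tutorial: a small shell function that applies the same pinentry-program setting but replaces any earlier pinentry-program line instead of appending a second one, and refuses to write an empty path when the lookup finds nothing. The function name set_pinentry and its two arguments are hypothetical.

```shell
# Added example; set_pinentry and its arguments are hypothetical names.
# Usage: set_pinentry <path to gpg-agent.conf> <path to pinentry binary>
set_pinentry() {
    conf=$1
    prog=$2
    # The lookup yields an empty string when pinentry-mac is not installed;
    # refuse to write an empty or non-executable path into the config.
    if [ -z "$prog" ] || [ ! -x "$prog" ]; then
        echo "pinentry program not found or not executable: '$prog'" >&2
        return 1
    fi
    mkdir -p "$(dirname "$conf")" || return 1
    touch "$conf" || return 1
    tmp=$(mktemp "${conf}.XXXXXX") || return 1
    # Keep every existing line except earlier pinentry-program entries
    # (grep exits 1 when nothing is left to print, which is fine here).
    grep -v '^[[:space:]]*pinentry-program[[:space:]]' "$conf" > "$tmp" || true
    printf 'pinentry-program %s\n' "$prog" >> "$tmp"
    # Write the result back with owner-only permissions.
    chmod 600 "$tmp" && mv "$tmp" "$conf"
}

# Typical call on an Intel or ARM Mac, followed by an agent reload:
#   set_pinentry "$HOME/.gnupg/gpg-agent.conf" "$(command -v pinentry-mac)"
#   gpg-connect-agent reloadagent /bye
```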