Ubuntu 17.10 – gpg/ssh with USB token (yubikey)

1 minute read Published:

A shell script to properly configure GNOME to play nice with a Yubikey. This script allows you to use your Yubikey for GPG and SSH while leaving passwords and PK11 for GNOME keyring (Ubuntu 15.04-17.10) Copied from hyper3xpl0iter@github I just modified the deb source locations since the country mirrors of archive.ubuntu.org do not contain vivid anymore. Download it here CAVE: The removal of the new versions of gpg and so on also removes gnome-control-center so a sudo apt-get -y install gnome-control-center has to be done afterwards.

Good bye linux – hello (again) windows!

1 minute read Published:

After a recent apt-get update && apt-get dist-upgrade which also updated gpg-agent my smart cards (and therefore ssh auth for my servers) stopped to work. A ps aux|grep gpg-agent revealed that it´s now started with --supervised instead of the options given by me. Even a pkill gpg-agent and eval $(gpg-agent --options) didn´t help. A quick search in google found out that developers changed the start up but I did not want to dig any deeper and edit scripts or whatsoever again…

Once again new PGP keys...

1 minute read Published:

… due to being stupid and not remembering my private key passphrase and therefore unable to interact with my private key anymore I deceided to revoke the old key pub 4096R/0x73538126032AD297 2014-11-12 [expires: 2016-11-11] Key fingerprint = F5DE 3184 F042 30E7 0CD0 84F2 7353 8126 032A D297 The new key is as follows pub 4096R/0xEFD7808C60A82FF1 2015-08-22 [expires: 2018-08-21] Key fingerprint = E04B 3279 3DAD 5F29 CA5F FD48 EFD7 808C 60A8 2FF1 It can be found and retrieved via the usual ways and also via this link

(x)ubuntu + pgp key card the easy way...

1 minute read Published:

After this has been giving me a lot of headache and throwing curses at all and everything because nothing worked nearly out of the box – it looks like I finally managed to get gpg cards (yubi key and the one from kernelconcepts) working as intended … sudo apt-get purge --remove libpam-gnome-keyring -y && \ sudo apt-get install pcscd pcsc-tools gpgsm gnupg-agent scdaemon -y && \ sudo reboot and check out this link

New PGP keys

2 minute read Published:

I am transitioning PGP keys from an old RSA key to a new 4096-bit RSA master key with subkeys.

You can find the signed tansition statement signed by both keys here: