Ubuntu 17.10 – gpg/ssh with USB token (yubikey)

1 minute read Published:

A shell script to properly configure GNOME to play nice with a Yubikey. This script allows you to use your Yubikey for GPG and SSH while leaving passwords and PK11 for GNOME keyring (Ubuntu 15.04-17.10) Copied from hyper3xpl0iter@github I just modified the deb source locations since the country mirrors of archive.ubuntu.org do not contain vivid anymore. Download it here CAVE: The removal of the new versions of gpg and so on also removes gnome-control-center so a sudo apt-get -y install gnome-control-center has to be done afterwards.

Good bye linux – hello (again) windows!

1 minute read Published:

After a recent apt-get update && apt-get dist-upgrade which also updated gpg-agent my smart cards (and therefore ssh auth for my servers) stopped to work. A ps aux|grep gpg-agent revealed that it´s now started with --supervised instead of the options given by me. Even a pkill gpg-agent and eval $(gpg-agent --options) didn´t help. A quick search in google found out that developers changed the start up but I did not want to dig any deeper and edit scripts or whatsoever again…

Debian stretch & gpg key card with ssh auth – the journey is over – finally?

1 minute read Published:

It looks like my journey to find a linux distribution where gpg and ssh authentication with a gpg smartcard works right out of the box is finally over. Thanks to Moritz Bartl from torservers.net who pointed me in the direction to Debian testing aka stretch. All I did was sudo aptitude install pcscd pcsc-tools gpgsm gnupg-agent scdaemon -y echo "use-agent" >> ~/.gnupg/gpg.conf echo "enable-ssh-support" >> ~/.gnupg/gpg-agent.conf Commenting out use-ssh-agent in /etc/X11/Xsession.

Once again new PGP keys...

1 minute read Published:

… due to being stupid and not remembering my private key passphrase and therefore unable to interact with my private key anymore I deceided to revoke the old key pub 4096R/0x73538126032AD297 2014-11-12 [expires: 2016-11-11] Key fingerprint = F5DE 3184 F042 30E7 0CD0 84F2 7353 8126 032A D297 The new key is as follows pub 4096R/0xEFD7808C60A82FF1 2015-08-22 [expires: 2018-08-21] Key fingerprint = E04B 3279 3DAD 5F29 CA5F FD48 EFD7 808C 60A8 2FF1 It can be found and retrieved via the usual ways and also via this link

(x)ubuntu + pgp key card the easy way...

1 minute read Published:

After this has been giving me a lot of headache and throwing curses at all and everything because nothing worked nearly out of the box – it looks like I finally managed to get gpg cards (yubi key and the one from kernelconcepts) working as intended … sudo apt-get purge --remove libpam-gnome-keyring -y && \ sudo apt-get install pcscd pcsc-tools gpgsm gnupg-agent scdaemon -y && \ sudo reboot and check out this link