差異處

這裏顯示兩個版本的差異處。

--- yubikey [2018/04/11 02:26]
jz
+++ yubikey [2019/02/02 18:46] (目前版本)
jz
@@ 行 9: / 行 9: @@
 <code>
+# yubikey manager
+pacman -S yubikey-manager
 # smart card daemon
 systemctl start pcscd.service
@@ 行 14: / 行 17: @@
 # enable U2F/smartcard/CCID feature
-ykpersonalize -m86
+ykpersonalize -m86 # yubikey 4 or below
+ykman config usb --enable-all # yubikey 5 or up
 # generate key
@@ 行 80: / 行 84: @@
 # add a pure authentication key
-add key
+addkey
 A
 S
 E
+Q
@@ 行 92: / 行 98: @@
 # Backup
-gpg --export-secret-key --armor {KEYID}
+gpg --armor --output privkey.sec --export-secret-key {KEYID}
+gpg --armor --output subkeys.sec --export-secret-subkeys {KEYID}
+gpg --armor --output pubkey.sec --export {KEYID}
-# Import key
+# Import key to card
 gpg --expert --edit-key {KEYID}
 toggle
@@ 行 109: / 行 117: @@
 quit
 y
+# Import key from card (Public key)
+gpg --card-edit
+fetch
+quit
 # List keys
@@ 行 117: / 行 130: @@
 </code>
+===== Unblock GPG PIN =====
+<code>
+gpg --card-status
+PIN retry counter : 0 0 3
+gpg --card-edit
+gpg/card> admin
+Admin commands are allowed
+gpg/card> passwd
+gpg: OpenPGP card no. … detected
+- change PIN
+- unblock PIN
+- change Admin PIN
+- set the Reset Code
+Q - quit
+Your selection? 2
+PIN unblocked and new PIN set.
+- change PIN
+- unblock PIN
+- change Admin PIN
+- set the Reset Code
+Q - quit
+Your selection? q
+</code>
 ===== Reset Yubikey =====
@@ 行 157: / 行 199: @@
   * https://developers.yubico.com/PGP/Importing_keys.html
   * https://gist.github.com/ageis/5b095b50b9ae6b0aa9bf
+  * https://gist.github.com/ageis/14adc308087859e199912b4c79c4aaa4
+  * https://github.com/ruimarinho/yubikey-handbook/blob/master/openpgp/troubleshooting/gpg-failed-to-sign-the-data.md
+  * https://www.mjollnir.cc/archives/216.html