Question 1

How do I set up YubiKey for SSH on Windows?

Accepted Answer

The guide includes Windows-specific instructions using GnuPG and PuTTY: install required software, configure scdaemon.conf and gpg-agent.conf, and export the SSH public key from GnuPG. It notes that WSL requires additional setup with tools like weasel-pageant for agent forwarding.

Question 2

YubiKey vs software keys for Git commit signing?

Accepted Answer

YubiKey provides hardware-backed security where keys are non-exportable, reducing theft risk, but requires physical touch and PIN entry. Software keys are easier to set up and manage but are vulnerable to extraction from filesystems. The guide details Git integration with YubiKey for signing commits and tags.

Question 3

How to backup YubiKey keys securely?

Accepted Answer

Backup involves encrypting the Certify key and subkeys using LUKS on portable storage, with step-by-step commands for Linux and OpenBSD. The guide recommends multiple backups on separate devices and using Paperkey for physical copies to prevent data loss.

Question 4

Why is my YubiKey not detected by GnuPG?

Accepted Answer

Common issues include missing pcscd service, incorrect scdaemon.conf settings, or driver problems. The troubleshooting section advises checking gpg --card-status, ensuring proper software installation, and adjusting configuration files like disabling CCID if needed.

Question 5

How to use YubiKey for email encryption in Thunderbird?

Accepted Answer

Configure Thunderbird with Enigmail or Mailvelope, import the public key from YubiKey, and set up GnuPG integration. The guide provides specific steps for Thunderbird, Mutt, and Mailvelope, including agent forwarding for remote decryption.

Question 6

Can I use multiple YubiKeys with the same identity?

Accepted Answer

Yes, the guide covers using multiple YubiKeys by managing key stubs in GnuPG. It explains how to transfer subkeys to additional YubiKeys and use scripts to handle serial number conflicts, but notes that each YubiKey can only hold one set of subkeys per identity.

YubiKey Guide

What is YubiKey Guide?

Overview

Use Cases

Best For

Related Projects

Found a gem we're missing?

Not Ideal For

Pros & Cons

Pros

Cons

Frequently Asked Questions