• 导入钥匙

    导入钥匙

    GPG 私钥可以被复制或者导入进 Yubikey,下面的例子是把私钥导入 Yubikey。

    【译者注:私钥一旦被导入 Yubikey 即无法导出,建议冷备份

    1.  gpg --edit-key <keyId>
    3. gpg> toggle
    4. gpg> key 1
    5. gpg> keytocard
    7. Please select where to store the key:
    8.    (1) Signature key
    9.    (3) Authentication key
    10. Your selection? 1
    12. gpg> key 1
    13. gpg> key 2
    14. gpg> keytocard
    16. Please select where to store the key:
    17.    (2) Encryption key
    18. Your selection? 2
    20. gpg> key 2
    21. gpg> key 3
    22. gpg> keytocard
    24. Please select where to store the key:
    25.    (3) Authentication key
    26. Your selection? 3
    28. gpg> quit

    确保私钥已经被移动到 Yubikey 中:

    1.  gpg --list-secret-keys

    如果你看到 ssb>,它显示的的是 Yubikey 上私钥的存根,意味着导入已经成功。

    然后检查一下设备状态:

    1.  gpg --card-status