s83/YubiKey-Guide
1
0
Fork 0
mirror of https://github.com/drduh/YubiKey-Guide.git synced 2025-06-18 11:12:40 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

split subkey gen command, note ed25519 auth

Browse source
This commit is contained in:
drduh 2025-06-15 13:22:45 -07:00
parent 8c0a752934
commit d8ad5c469b
1 changed files with 13 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

15
README.md
View file

@ -490,13 +490,22 @@ EOF
Generate Signature, Encryption and Authentication Subkeys using the previously configured key type, passphrase and expiration: Generate Signature, Encryption and Authentication Subkeys using the previously configured key type, passphrase and expiration:
```console ```console
for SUBKEY in sign encrypt auth ; do \
echo "$CERTIFY_PASS" | \ echo "$CERTIFY_PASS" | \
gpg --batch --pinentry-mode=loopback --passphrase-fd 0 \ gpg --batch --pinentry-mode=loopback --passphrase-fd 0 \
--quick-add-key "$KEYFP" "$KEY_TYPE" "$SUBKEY" "$EXPIRATION" --quick-add-key "$KEYFP" "$KEY_TYPE" sign "$EXPIRATION"
done
echo "$CERTIFY_PASS" | \
gpg --batch --pinentry-mode=loopback --passphrase-fd 0 \
--quick-add-key "$KEYFP" "$KEY_TYPE" encrypt "$EXPIRATION"
echo "$CERTIFY_PASS" | \
gpg --batch --pinentry-mode=loopback --passphrase-fd 0 \
--quick-add-key "$KEYFP" "$KEY_TYPE" auth "$EXPIRATION"
``` ```
> [!NOTE]
> Some systems no longer accept RSA keys for SSH authentication; set the `KEY_TYPE` variable to `ed25519` before generating the last `auth` subkey.
# Verify keys # Verify keys
List available secret keys: List available secret keys: