From ce292b299adde5d30d09ac49c1791be03ca6c6b8 Mon Sep 17 00:00:00 2001
From: Sun Knudsen <hello@sunknudsen.com>
Date: Wed, 1 Sep 2021 10:55:22 -0400
Subject: [PATCH] Improved ykman steps

---
 .../README.md                                 | 25 ++++++++++++++++---
 1 file changed, 22 insertions(+), 3 deletions(-)

diff --git a/how-to-generate-and-air-gap-pgp-private-keys-using-gnupg-tails-and-yubikey/README.md b/how-to-generate-and-air-gap-pgp-private-keys-using-gnupg-tails-and-yubikey/README.md
index 9963926..baba444 100644
--- a/how-to-generate-and-air-gap-pgp-private-keys-using-gnupg-tails-and-yubikey/README.md
+++ b/how-to-generate-and-air-gap-pgp-private-keys-using-gnupg-tails-and-yubikey/README.md
@@ -834,16 +834,35 @@ Enter Admin PIN:
 
 $ ykman openpgp keys set-touch aut on --force
 Enter Admin PIN:
+
+$ ykman openpgp keys set-touch att on --force
+Enter Admin PIN:
+
+$ ykman openpgp info
+OpenPGP version: 3.4
+Application version: 5.4.3
+
+PIN tries remaining: 3
+Reset code tries remaining: 0
+Admin PIN tries remaining: 3
+
+Touch policies
+Signature key           On
+Encryption key          On
+Authentication key      On
+Attestation key         On
 ```
 
+On
+
+👍
+
 ### Step 25 (optional): disable all YubiKey interfaces except for OpenPGP over USB
 
 > Heads-up: increase `sleep` delay if “Error: No YubiKey detected!” error is thrown.
 
 ```console
-$ ykman config usb --enable OPENPGP --force
-
-$ for interface in FIDO2 HSMAUTH OATH OTP PIV U2F; do ykman config usb --disable $interface --force; sleep 3; done
+$ ykman config usb --disable FIDO2 --disable HSMAUTH --disable OATH --disable OTP --disable PIV --disable U2F --enable OPENPGP --force
 
 $ ykman config nfc --disable-all --force
 ```