Git Product home page Git Product logo

Comments (4)

plajjan avatar plajjan commented on July 23, 2024 3

@drduh while it's good that you now point out that adduid should be run while the secret keys are available, perhaps it is also worth pointing out what steps need to be taken if someone wants to run adduid at a later point in time as per @Astorsoft comment.

from yubikey-guide.

Astorsoft avatar Astorsoft commented on July 23, 2024

It could also be interesting to add information about the impact of adding identities after the fact. As it was not part of the tutorial I forgot to do it in the first place, then realised I forgot to add my other emails once everything was done. I restored my master key, edited it, added the emails, saved, then sent the public key again to key servers. I just hope this is enough and I don't have to re-create subkeys and/or re-import them into the yubikey. I could not find any clear information on the latter.

from yubikey-guide.

plajjan avatar plajjan commented on July 23, 2024

I'm not GPG expert but I don't think you need to update the keys on the yubikey. You are absolutely right in that you have to bring out your secret keys again to perform the adduid but from there all I think you need to do is export a new public key that contains the new uid, then move that to wherever you want and import it. At least that's what I just tested and it seems to work. I did NOT perform a new keytocard, yet my yubikey is able to decrypt the content. There's only one decrypt / encrypt subkey after all and it doesn't change, only the association between that key and UIDs change. Since that association lies with GPG on the computer and not on the yubikey (AFAIK) then we shouldn't need to update the yubikey.

Would be great if someone else could verify the theory behind this or if by not updating the yubikey we are missing out on something and also good if someone can just practically verify this by repeating.

from yubikey-guide.

MTRNord avatar MTRNord commented on July 23, 2024

@drduh while it's good that you now point out that adduid should be run while the secret keys are available, perhaps it is also worth pointing out what steps need to be taken if someone wants to run adduid at a later point in time as per @Astorsoft comment.

Is there any info on how to add them later on? I am stuck at that as I now have another email to add but gpg for the above reasons doesnt let me. And I dont want to break the existing key by trying something wrong :)

from yubikey-guide.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.