Security with Yubikey and GPG
If you were following the discussion we had about signing other people keys with Yubikey and Stanko saying that’s not possible - we were later able to verify and confirm that it is indeed possible! Stanko made the cognisant decision to move only the subkey to the device and thus making signing with the smartcard impossible.
References and links from the talk
- Problems with GPG Fingerprints, Defcon https://goo.gl/2AUDvU
- My quick guide https://blog.andrei.im/post/gnupg
- The GNU Privacy Handbook https://www.gnupg.org/gph/en/manual.html
- Official Yubikey site https://www.yubico.com/product/yubikey-4-series/
- Setup SSH Auth with your Yubikey https://git.io/vN46b