YubiKey-Guide
YubiKey-Guide copied to clipboard
Fetch Public Key from YubiKey URL
I find it handy to upload my public key to something like Keybase.io or Public Dropbox folder and set the URL of the YubiKey to the public key URL. Then when you want to import it quickly
gpg --edit-card
gpg/card> url
URL to retrieve public key: https://keybase.io/<username>/pgp_keys.asc
gpg/card>save
From here if you want to import/fetch the public key
Insert YubiKey
gpg --edit-card
gpg/card> fetch
gpg: requesting key from 'https://keybase.io/<username>/pgp_keys.asc'
gpg: key AAAAAAAAAAAAAA: public key "First Last <[email protected]>" imported
gpg: Total number processed: 1
gpg: imported: 1
gpg/card> quit
gpg --edit-key AAAAAAAA
gpg> trust
Please decide how far you trust this user to correctly verify other users' keys
(by looking at passports, checking fingerprints from different sources, etc.)
1 = I don't know or won't say
2 = I do NOT trust
3 = I trust marginally
4 = I trust fully
5 = I trust ultimately
m = back to the main menu
Your decision? 5
Do you really want to set this key to ultimate trust? (y/N) y
gpg> quit
@codemonkee Please send a PR with this suggestion, it's really helpful!
@menduz implemented something similar for his bootstrap script
Thanks for mentioning @sp8c3! to add to the original thread, using github's or gitlab's infrastructure can save you some work:
https://github.com/<username>.gpg
-> https://github.com/menduz.gpg
This also works with keys.openpgp.org:
https://keys.openpgp.org/vks/v1/by-fingerprint/FINGERPRINT
Seems there are several ways to do this - PRs welcome!