- SSH
- Signerte commits
- 2FA
- Og mye mer
π€ Generere masterkey pΓ₯ eller av nΓΈkkelen?
Best (men litt :tinfoil:) DrDuhs guide
Enklest: Yubikey all the things
$ brew install gpg
Default er 123456/12345678
$ gpg --change-pin
π‘Husk din nye adminpin!
ΓΈverst i .zshrc
eller .bashrc
:
β File: .zshrc
βββββΌββββββββββββββββββββββββββββββββββββββββββββββββββββββ
1 β export GPG_TTY=$(tty)
2 β gpg-connect-agent updatestartuptty /bye
3 β unset SSH_AGENT_PID
4 β export SSH_AUTH_SOCK=$(gpgconf --list-dirs agent-ssh-socket)
$ brew install pinentry-mac
β File: .gnupg/gpg-agent.conf
βββββΌββββββββββββββββββββββββββββββββββββββββββββββββββββ
1 β pinentry-program /usr/local/bin/pinentry-mac
Det er ogsΓ₯ her du kan sette ttl for caching av pin, se https://www.gnupg.org/documentation/manuals/gnupg/Agent-Options.html
- on key https://www.engineerbetter.com/blog/yubikey-ssh/#roca
- off key https://github.com/drduh/YubiKey-Guide#master-key
$ gpg --keyserver keys.openpgp.org --search <email>
###Eksporter til Github
- Finn
<key>
:$ gpg --list-secret <email>
- Eksporter:
$ gpg --armor --export <key>
- Lim inn: https://github.com/settings/gpg/new
- Fortell Git hva du driver med:
git config --global commit.gpgsign true
git config --global user.signingkey <key>