• Intro

• Getting Started

• Generating the Master Key

• Exporting the Key

• Setting up your Yubikey

• Adding to a Yubikey

• Setting up GPG Signing

• Using SSH

• Using Duplicated Keys

Intro

In the past year Yubico has updated their firmware to support Ed25519. This finally brings support for elliptical curve encryption, and much shorter ssh public keys.

Yubikeys are really useful, they allow you to do git commit signing, ssh, and store your private key on an external device.

This lets you jump between computers easily, and you never have your private key sitting on a local filesystem.

One critical piece to this setup is making backup keys, this has been covered by other blog posts, but there's a less common issue out there: plugging in a cloned key will cause a GPG error that you have to work around on your own... This is frustrating if you setup two yubikeys, and frequently use them both.

This guide will cover creating the GPG master key. Setting it up for commit signing, using this master key with ssh, how to make …