导入钥匙

GPG 私钥可以被复制或者导入进 Yubikey,下面的例子是把私钥导入 Yubikey。

【译者注:私钥一旦被导入 Yubikey 即无法导出,建议冷备份

❯ gpg --edit-key <keyId>

gpg> toggle
gpg> key 1
gpg> keytocard

Please select where to store the key:
   (1) Signature key
   (3) Authentication key
Your selection? 1

gpg> key 1
gpg> key 2
gpg> keytocard

Please select where to store the key:
   (2) Encryption key
Your selection? 2

gpg> key 2
gpg> key 3
gpg> keytocard

Please select where to store the key:
   (3) Authentication key
Your selection? 3

gpg> quit

确保私钥已经被移动到 Yubikey 中:

❯ gpg --list-secret-keys

如果你看到 ssb>,它显示的的是 Yubikey 上私钥的存根,意味着导入已经成功。

然后检查一下设备状态:

❯ gpg --card-status

results matching ""

    No results matching ""