Last active
October 17, 2025 22:31
-
-
Save lattice0/d80de5bebb46f6afc307c4f00ee547f0 to your computer and use it in GitHub Desktop.
Revisions
-
lattice0 revised this gist
Oct 17, 2025 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -12,7 +12,7 @@ And if you move computers, in the new one just run ssh-keygen -K ``` which will load the secret key ID (not the actual secret key) from the yubikey and place on the .ssh folder, and also load the .pub as well. # To use: -
Jul 13, 2025 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,7 +1,7 @@ # To generate: ``` ssh-keygen -t ed25519-sk -O resident -O verify-required -C "0000000" -O application=ssh:0000000 -f $HOME/.ssh/id_ed25519_sk_000000 ``` The `-O application=ssh:0000000` ensures that it will import and save with that name when you run `ssh-keygen -K`, preventing overrides. -
Jul 13, 2025 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,7 +1,7 @@ # To generate: ``` ssh-keygen -t ed25519-sk -O resident -O verify-required -C "0000000" -O application=ssh:0000000 ``` The `-O application=ssh:0000000` ensures that it will import and save with that name when you run `ssh-keygen -K`, preventing overrides. -
Jul 13, 2025 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,7 +1,7 @@ # To generate: ``` ssh-keygen -t ed25519-sk -O resident -O verify-required -C "yk_0000000" -O application=ssh:0000000 ``` The `-O application=ssh:0000000` ensures that it will import and save with that name when you run `ssh-keygen -K`, preventing overrides. -
Jul 13, 2025 . 1 changed file with 3 additions and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,9 +1,11 @@ # To generate: ``` ssh-keygen -t ed25519-sk -O resident -O verify-required -C "yk_0000000" -O application=ssh:0000000 -f $HOME/.ssh/id_ed25519_sk_0000000 ``` The `-O application=ssh:0000000` ensures that it will import and save with that name when you run `ssh-keygen -K`, preventing overrides. And if you move computers, in the new one just run ``` -
Jul 13, 2025 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,7 +1,7 @@ # To generate: ``` ssh-keygen -t ed25519-sk -O resident -O verify-required -C "0000000" -f $HOME/.ssh/id_ed25519_sk_000000 ``` And if you move computers, in the new one just run -
Jul 13, 2025 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,7 +1,7 @@ # To generate: ``` ssh-keygen -t ed25519-sk -O resident -O verify-required -C "0000000" -O application=ssh:ed25519 -f $HOME/.ssh/id_ed25519_sk_000000 ``` And if you move computers, in the new one just run -
Jul 13, 2025 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,7 +1,7 @@ # To generate: ``` ssh-keygen -t ed25519-sk -O resident -O verify-required -C "0000000" ``` And if you move computers, in the new one just run -
Jul 5, 2025 .There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,37 @@ # To generate: ``` ssh-keygen -t ed25519-sk -O resident -O application=ssh:<UID> -C "My Comment" ``` And if you move computers, in the new one just run ``` ssh-keygen -K ``` which will load the secret key ID (not the actual secret key) from the yubikey and place on the .ssh folder. # To use: ``` sudo apt install -y gnupg2 gnupg-agent scdaemon pcscd yubikey-manager ``` ``` gpg --card-status ``` Add this to your shell profile (~/.bashrc, ~/.zshrc, etc.): ``` export GPG_TTY=$(tty) export SSH_AUTH_SOCK=$(gpgconf --list-dirs agent-ssh-socket) gpgconf --launch gpg-agent ``` Then reload your shell or run: ``` source ~/.bashrc # or ~/.zshrc ```