Yubikey

GPG Setup and Tutorials

• PGP - dev.yubico
• Git signing
• Does Yubikey support multiple PGP keys? : r/yubikey (No)

• Make a key external to the Yubikey device, and back it up because there's no way to extract a key back out from the Yubikey (on purpose).
• Then use gpg --edit-key to run keytocard several times to move the signature key, encryption key, and authentication key in order.
• "After this the keyring is saved. And that point it no longer contains the real secret key, only a pointer indicating that it’s stored on a smart card."

Models

• YubiKey 4 – Yubico

PIV

The YubiKey 4 and 5 series along with the YubiKey NEO support the Personal Identity Verification (PIV) interface specified in NIST SP 800-73 document "Cryptographic Algorithms and Key Sizes for PIV".

• YubiKey and PIV
• Certificates: PIV — Yubico Authenticator User Guide documentation

SSH

• Proxying SSH connections with the YubiKey – Yubico

OATH

• Accounts: OATH — Yubico Authenticator User Guide documentation

Passkeys

• Passkeys: FIDO2 — Yubico Authenticator User Guide documentation