Re: Guix home, guix system, channels, some noob questions

Tue, 14 Jun 2022 03:47:26 -0700 


Le 13/06/2022 à 21:31, Dominic Martinez a écrit :



sebastien rey-coyrehourcq <sebastien.rey-coyrehou...@univ-rouen.fr> 
writes:



Hi,


I jump into guile world by learning and copy/pasting Dominic Martinez 
config :)



Nice to know my config helped someone! Sorry it's a bit of a mess, I 
didn't really document anything.

I'm interested to better understand some Guile snippet of your config, 
if you're ok, is it possible to ask that in another mail or irc ?



Everything going pretty well but now i'm blocked with yubikey 
configuration.



And without yubikey that contain your only private key to 
sign/decrypt everything, that's a

little complicated ...


Running "gpg --card-status" my yubikey is correclty detected. That a 
good news ... BUT

that's all,
other command don't work, for example both :

gpg --list-secret-keys
gpg --list-keys



When you say it doesn't work, do you mean it doesn't list any keys? If 
you have keys on your Yubikey that you used with GPG on a different 
system, you'll have to re-export the key stubs for GPG to use the 
Yubikey for authentication (see 
https://github.com/drduh/YubiKey-Guide#switching-between-two-or-more-yubikeys).



Thanks! This only manipulation seems not enough and i finally found that 
importing public key is required, from server or directly from the key ....


yourkey.asc | gpg --import

After that, everything goes well !


If you're getting other errors, you might need to enable some system 
services. For instance, you need the pcscd service 
(https://guix.gnu.org/manual/devel/en/guix.html#index-pcscd), and also 
the udev rules appropriate for your Yubikey model 
(https://github.com/Yubico/libfido2/blob/main/udev/70-u2f.rules). The 
below snippet should get all Yubikey functionality working:


#+begin_src scheme
(service pcscd-service-type)
(udev-rules-service 'yubikey-rules
                    (udev-rule
                     "70-u2f.rules"
                     (string-append
                      ;; All keys

                      "ACTION!=\"add|change\",                       
GOTO=\"u2f_end\"\n"

                      ;; Yubikey
                      "KERNEL==\"hidraw*\", "
                      "SUBSYSTEM==\"hidraw\", "
                      "ATTRS{idVendor}==\"1050\", "

"ATTRS{idProduct}==\"0113|0114|0115|0116|0120|0121|0200|0402|0403|0406|0407|0410\", 
                       "

                      "TAG+=\"uaccess\", MODE=\"0660\"\n"
                      ;; End all keys
                      "LABEL=\"u2f_end\"")))
#+end_src


I already copy paste this part from your config :)

Thanks again !

Sébastien RC.




Attachment:
OpenPGP_0xD262AFCCE42732D3.asc

Description: OpenPGP public key



Attachment:
OpenPGP_signature

Description: OpenPGP digital signature


























					Reply via email to