Hi all,
At my workplace, we've recently adopted YubiKeys as a means for doing
2FA, I've been using mine for 2FA-based authentication with OpenSSH
servers (using `gpg-agent` and the YubiKey OpenPGP applet), and we plan
to use the PIV component of these keys to authenticate with some HTTPS
services.
On Samstag, 30. Oktober 2021 14:24:58 CEST Chris Taylor wrote:
> The hash of my gpg file on my laptop is different to it's hash on the
> thumb drive.
If the hash of any file on your laptop differs from the hash of the same file
after copying it to the thumb drive this can only mean two things:
1
The hash of my gpg file on my laptop is different to it's hash on the
thumb drive. For comparison, the hash of the tar.gz file (i.e. before
encryption) is the same before and after I copy it to the thumb drive.
Are there any techniques I should be using to protect my gpg file?
Chris Taylor
Hello,
I'm using GnuPG together with an OpenPGP card. When I want to decrypt
something the gpg-agent is via pinentry asking for the PIN to unlock the card.
Normally I don't care about how long the card remains unlocked, because
I just withdraw the USB dongle after the operation. I was thinking t
* 2021-10-29 16:04:11+0200, Romain LT via Gnupg-users wrote:
> tofu.db
> is an sqlite database and mean Trust On First Use. But what does
> it means and what does it contains ?
tofu.db contains a log for every signature and encryption by/for every
key and email address. This means in
