[securityguide: 2/3] Add my basic docs on the Yubikey Neo
Jared Smith
jsmith at fedoraproject.org
Mon Mar 31 12:10:07 UTC 2014
commit 1626e8e644f863fd1102593f3d858d8be31f162b
Author: Jared K. Smith <jaredsmith at jaredsmith.net>
Date: Sun Mar 23 10:26:59 2014 -0400
Add my basic docs on the Yubikey Neo
en-US/Security_Guide.xml | 18 +++++++++++-------
en-US/Yubikey_Neo.xml | 22 ++++++++++++++++------
2 files changed, 27 insertions(+), 13 deletions(-)
---
diff --git a/en-US/Security_Guide.xml b/en-US/Security_Guide.xml
index 2a5ac80..f707385 100644
--- a/en-US/Security_Guide.xml
+++ b/en-US/Security_Guide.xml
@@ -14,15 +14,19 @@
<xi:include href="SoftwareMaintenance.xml" xmlns:xi="http://www.w3.org/2001/XInclude"></xi:include>
<xi:include href="CVE.xml" xmlns:xi="http://www.w3.org/2001/XInclude"></xi:include>
<chapter>
+ <title>Yubikey</title>
+ <xi:include href="Yubikey_Neo.xml" xmlns:xi="http://www.w3.org/2001/XInclude"></xi:include>
+ </chapter>
+ <chapter>
<title>SELinux</title>
<para/>
- <xi:include href="Introduction.xml" xmlns:xi="http://www.w3.org/2001/XInclude"></xi:include>
- <xi:include href="Contexts_and_Attributes.xml" xmlns:xi="http://www.w3.org/2001/XInclude"></xi:include>
- <xi:include href="Targeted_Policy.xml" xmlns:xi="http://www.w3.org/2001/XInclude"></xi:include>
- <xi:include href="Working_With_SELinux.xml" xmlns:xi="http://www.w3.org/2001/XInclude"></xi:include>
- <xi:include href="Managing_Users.xml" xmlns:xi="http://www.w3.org/2001/XInclude"></xi:include>
- <xi:include href="Troubleshooting.xml" xmlns:xi="http://www.w3.org/2001/XInclude"></xi:include>
- <xi:include href="Further_Information.xml" xmlns:xi="http://www.w3.org/2001/XInclude"></xi:include>
+ <xi:include href="Introduction.xml" xmlns:xi="http://www.w3.org/2001/XInclude"></xi:include>
+ <xi:include href="Contexts_and_Attributes.xml" xmlns:xi="http://www.w3.org/2001/XInclude"></xi:include>
+ <xi:include href="Targeted_Policy.xml" xmlns:xi="http://www.w3.org/2001/XInclude"></xi:include>
+ <xi:include href="Working_With_SELinux.xml" xmlns:xi="http://www.w3.org/2001/XInclude"></xi:include>
+ <xi:include href="Managing_Users.xml" xmlns:xi="http://www.w3.org/2001/XInclude"></xi:include>
+ <xi:include href="Troubleshooting.xml" xmlns:xi="http://www.w3.org/2001/XInclude"></xi:include>
+ <xi:include href="Further_Information.xml" xmlns:xi="http://www.w3.org/2001/XInclude"></xi:include>
</chapter>
<xi:include href="Managing_Confined_Services.xml" xmlns:xi="http://www.w3.org/2001/XInclude"></xi:include>
<xi:include href="Encryption_Standards.xml" xmlns:xi="http://www.w3.org/2001/XInclude"></xi:include>
diff --git a/en-US/Yubikey_Neo.xml b/en-US/Yubikey_Neo.xml
index 74c5d7a..69d7570 100644
--- a/en-US/Yubikey_Neo.xml
+++ b/en-US/Yubikey_Neo.xml
@@ -45,18 +45,28 @@ General key info..: [none]
<para><command>lang</command> to set your language (<literal>en</literal> for example).</para>
<para><command>sex</command> to set your gender.</para>
<para><command>quit</command> to quit.</para>
- <para><command>gpg --edit-key <literal>fingerprint</literal></command></para>
- <para><command>addkey</command> to create a new key</para>
- <para><command>RSA (sign only)</command> to create a subkey for signing</para>
- <para><command>save</command> to save the key</para>
- <para><command>quit</command> to quit</para>
+ </section>
+ <section>
+ <title>Creating the key on the Yubikey Neo</title>
+ <para><command>gpg --edit-key <replaceable>key-id</replaceable></command></para>
+ <para><command>addcardkey</command> to generate a new key on the Yubikey Neo</para>
+ <para>Select <option>Signature key</option>.</para>
+ <para>Enter the PIN</para>
+ <para>Unlock your master key</para>
+ <para>Specify the expiration date for your key -- and yes, please set an expiration date. You can always edit the key and </para>
+
+ </section>
+<!--
+ <section>
+ <title>Using gnupg2</title>
<para>We can't write to the card from gpg itself, so let's switch to gpg2. First, make sure that gpg2 can see your
card by running <command>gpg2 --card-status</command>. If it can't see your card, you probably forgot to install the
<package>gnupg2-smime</package> package.</para>
- <para>Run <command> sudo gpg2 --no-default-keyring --keyring ~/.gnupg/pubring.gpg --secret-keyring ~/.gnupg/secring.gpg --edit-key <replaceable>fingerprint</replaceable></command></para>
+ <para>Run <command> sudo gpg2 --no-default-keyring --keyring ~/.gnupg/pubring.gpg --secret-keyring ~/.gnupg/secring.gpg --edit-key <replaceable>key-id</replaceable></command></para>
<para><command>toggle</command> to switch between public key and secret key</para>
<para>Subkeys are numbered starting with 1, so type <command>key <replaceable>2</replaceable></command> to select the 2nd subkey. Now you'll notice a <literal>*</literal> next to the key.</para>
<para><command>keytocard</command> to write the key to the Yubikey Neo.</para>
</section>
+-->
</section>
More information about the docs-commits
mailing list