Skip to content

Instantly share code, notes, and snippets.

@MarkTwoFive

MarkTwoFive/setup-win10.md

Created April 28, 2022 21:44
Show Gist options
  • Save MarkTwoFive/f6d4916b0e0145b5935491b0e3edbcc9 to your computer and use it in GitHub Desktop.
Save MarkTwoFive/f6d4916b0e0145b5935491b0e3edbcc9 to your computer and use it in GitHub Desktop.
Download ZIP
YubiKey Development setup (Git signing & SSH-auth)
Raw
setup-win10.md

! WIP !

Application setup

1 Configure GPG4Win with pageant support.

  1. From GPG4Win
  2. Command line: gpg-connect-agent /bye to start the gpg-connect agent.
Log output
gpg-connect-agent: no running gpg-agent - starting 'C:\\Program Files (x86)\\Gpg4win\\..\\GnuPG\\bin\\gpg-agent.exe'
gpg-connect-agent: waiting for the agent to come up ... (5s)
gpg-connect-agent: connection to the agent established
  1. Edit %APPDATA%\.gnupg\gpg-agent.conf to enable PuTTY compatibility
File content
enable-putty-support
enable-ssh-support
use-standard-socket
default-cache-ttl 600
max-cache-ttl 7200
  1. Command line: gpg-connect-agent killagent /bye && gpg-connect-agent /bye to restart the agent.
Log output
OK closing connection
gpg-connect-agent: no running gpg-agent - starting 'C:\\Program Files (x86)\\Gpg4win\\..\\GnuPG\\bin\\gpg-agent.exe'
gpg-connect-agent: waiting for the agent to come up ... (5s)
gpg-connect-agent: connection to the agent established
  1. Open "Kleopatra" and import the YubiKey public keys.
  2. Choose "Import" and select your XXX_public.asc to import your public key.
  3. Trust your key with lvl-5 (ultimate) trust. gpg --edit-key XXX-XXX-XXX
  4. trust and choose 5, then y. Return with quit.
  5. (Should be optional:) Restart gpg agent as shown in step 4.
  6. Kleopatra should now show the key as certified.

2 Configure GIT commit signing.

  1. Copy your signing key ID. (Either from GitHub / GitLab / ... or from Kleopatra)
  2. Configure: git config --global commit.gpgsign true to enable GPG signing on all projects.
  3. Configure: git config --global user.signingkey XXX-XXX-XXX to tell Git which key to use.
  4. (Optionally:) Verify that your commit signing works by committing something.

3 Configure SSH authentication support.

  1. Install PuTTY (if you haven't already). So that we can use PLink as the SSH gateway application for Git. For better compatibility with our configurations, I'd recommend unchecking setting any defaults in the installer.
  2. Set your GIT_SSH environment variable to use C:\Program Files\PuTTY\plink.exe.
  3. Because of the env-change, restart your IDE applications (like IDEA, VSCode etc.)

Sources

Nearly all of this setup is derived from other online sources. Since no of the guides appears to be entirely up to date / cover my entire use case, I've created this as a note to myself.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment