A placeholder for notes and links related to the GnuPG presentation at RISE.
- The presentation will be centered around Linux, but I will try to include Windows and MacOS as I can.
- The approach I use to manage GnuPG is drduh/Yubikey-Guide. This is the main resource that I would recommend people review beforehand, but it should not be essential.
- The links in the docs section are useful but not essential.
- After detailing the high-level components, I hope to walk through the initial configuration of the Yubikey OpenPGP app on a Linux VM.
- After this, I plan to discuss some common problems users can encounter.
Then, I will cover applications of GnuPG and Yubikey:
- starting from simple: SSH; signing emails or commits; etc
- covering other use-cases: accessing tokens with unix `pass`; creating & decrypting x509 certificates without creating plaintext files
- and covering increasingly advanced usage as time permits
Middleware to access a smart car using SCard API.
To troubleshoot `gpg-agent` and Yubikey interactions on Linux, it’s crucial to have at least a high-level understanding of these components.
- `pscsd` runs as a system service to interface with the smartcard via CCID
- `gpg-agent` spawns `scdaemon` to interact with `pcscd`.
- Developer Docs
- SCDaemon: manpage and
- Using a TPM with GnuPG 2.3 (official blog)
Source for GnuPG Projects
GnuPG
- The presentation assumes GnuPG 2.3 GnuPG 2.3
- GnuPG Stable Branch (2.2)
- GnuPG Development Branch
Other Projects:
- GnuPG Docs
- gpgpass: GUI for GnuPG Password Manager
- scute, a PKCS#11 implementation
To be detailed later.