rrix
/
complete-computing-environment
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
complete-computing-environment/using_yubikey_as_a_gpg_key.org

1.3 KiB
Raw Permalink Blame History

Using Yubikey as a GPG Key

udev makes the GPG keys owned by root in the most recent Fedoras for some reason; I have to install a udev rule to make sure they are properly owned.

- name: yubikey udev rules in place
  lineinfile:
    create: yes
    dest: /etc/udev/rules.d/99-yubikeys.rules
    regexp: '0111'
    line: 'SUBSYSTEMS=="usb", ATTRS{idVendor}=="1050", ATTRS{idProduct}=="0111", OWNER="{{local_account}}"'
  tags:
  - yubikeys

- name: yubikey udev rules in place
  lineinfile:
    create: yes
    dest: /etc/udev/rules.d/99-yubikeys.rules
    regexp: '0407'
    line: 'SUBSYSTEMS=="usb", ATTRS{idVendor}=="1050", ATTRS{idProduct}=="0407", OWNER="{{local_account}}"'
  tags:
  - yubikeys

and in My NixOS configuration this is simple:

{ pkgs, ... }:
{
  services.udev.packages = [ pkgs.yubikey-personalization ];
}