If you can’t sign/decrypt with a YubiKey and Thunderbird/Enigmail you might want to add
--pinentry-mode=ask to the “additional parameters for GnuPG” in the Enigmail configuration
After setting up all the cool Encryption stuff using a YubiKey I was so happy that everything worked.
And then I set up using the YubiKey for SSH as well as described in the documents I linked in the last blogpost. It took a reboot for everything to work out as I wanted it, but I was happy. Until I wanted to send a signed Email using Thunderbird/Enigmail.
Continue reading Enigmail and the YubiKey
A few years ago Marco Pivetta and I chatted about YubiKeys. He described his setup which was absolutely amazing to me at the time. The most intriguing point was, that he could get the 2-Factor Authentication tokens from whatever phone as long as he had the YubiKey with him.
Recently my phone broke and I had to setup the whole 2-factor authentication thingy again and again. That was the time I remembered that chat again. So I decided to test it out.
Continue reading YubiKey for 2FA and GPG
So in my last blogpost I showed how to automatically create a PHAR-file using Travis-CI. It didn’t take long for a challenge to show up: Digitally sign the resulting PHAR-file.
I already did some work with encrypting and decrypting stuff for an individual automated deployment to a server a few months back. So signing stuff shouldn’t be that complicated I thought. Therefore: Challenge accepted!