YubiKey Setup | Rémi Bardon’s blog

In this series of articles, I detail how I managed to configure my YubiKey security key to handle signing, encryption and authentication on my machine, removing the need for any other cryptographic key like SSH keys. I configured my git client to use GPG for signing and my SSH agent to use it for authentication. All of this can happen if I have my physical key inserted into my computer, otherwise it is impossible. I even added extra security by requiring a “card tap” (touching my security key) when signing and having to accept a PINEntry dialog when initializing SSH connections.

Refresh GPG keys

How to refresh GPG keys before they expire.
- December 6, 2024
- 1 min
- Rémi Bardon
Linking GPG keys to a YubiKey

Having private GPG keys on your machine can be unsafe, because it could be stolen by a malicious program. If you have a YubiKey, you can move those private keys to it, ensuring they’re stored in a secure place and protected by a passcode. This article explains how to move GPG subkeys to a YubiKey and require card taps when signing, encrypting and/or authenticating.
- December 10, 2023
- Updated on December 6, 2024
- 16 min
- Rémi Bardon
Using GPG keys for git signing

WIP
- December 10, 2023
- 1 min
- Rémi Bardon
Creating GPG keys the right way

WIP
- December 10, 2023
- Updated on December 6, 2024
- 19 min
- Rémi Bardon
What are GPG keys?

In this article, I explain what GnuPG is and its differences with PGP, gpg and OpenPGP. I aslo go into the details of how a GnuPG key is structured, what you can find inside it and explain some of its core concepts.
- December 10, 2023
- 6 min
- Rémi Bardon