Easy multifactor authentication for SSH using YubiKey NEO tokens
The token comes with two PINs: the user PIN (default value "123456") and the admin PIN (default value "12345678"). Both defaults are publicly documented, so it is recommended to change these PINs before putting keys on the token.
gpg --card-edit
admin
generate
(Sicherung anlegen, Key auf 4096 Byte)
passwd
(beide Passwörter ändern)
in ~/.gnupg/gpg-agent.conf
# gpg-agent options; the agent reads one option per line.

# Dialog program used to ask for the PIN/passphrase (MacGPG2 install path).
pinentry-program /usr/local/MacGPG2/libexec/pinentry-mac.app/Contents/MacOS/pinentry-mac

# Let gpg-agent answer SSH agent requests, so the authentication key on the
# token can be used by ssh.
enable-ssh-support

# NOTE(review): write-env-file and use-standard-socket are GnuPG 2.0-era
# options. On GnuPG 2.1 and later they are obsolete / have no effect, and
# ~/.gpg-agent-info is no longer written; confirm against the installed version.
write-env-file
use-standard-socket

# Cache lifetimes in seconds: 10 s for SSH keys, 60 s (default and maximum)
# for everything else.
# NOTE(review): these values govern gpg-agent's own passphrase cache. For keys
# held on the token the PIN-verified state is presumably kept by the card until
# it is removed or reset, so do not rely on these TTLs as a lock timeout
# without testing it.
default-cache-ttl-ssh 10
default-cache-ttl 60
max-cache-ttl 60
in ~/.bash_profile
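#######################################
# gpg-agent environment for this login shell.
# pinentry needs to know which terminal it should prompt on.
GPG_TTY=$(tty)
export GPG_TTY

# Pick up the agent's socket locations from the env file, when it exists.
# NOTE(review): this file is only produced by agents that honour
# write-env-file (GnuPG 2.0). On GnuPG 2.1+ it is not written, and
# SSH_AUTH_SOCK would typically be taken from
# `gpgconf --list-dirs agent-ssh-socket` instead; confirm for your version.
# The file is sourced as shell code, so it must be writable by the owner only.
if [ -f "${HOME}/.gpg-agent-info" ]; then
  . "${HOME}/.gpg-agent-info"
  export GPG_AGENT_INFO
  export SSH_AUTH_SOCK
fi

#######################################
# Bash completion for ssh: offers host names found in ~/.ssh/known_hosts
# (first name of each entry) and in the Host lines of ~/.ssh/config.
# Globals:   COMP_WORDS, COMP_CWORD (read), COMPREPLY (written)
# Arguments: none (called by bash's completion machinery)
# Returns:   0 always; COMPREPLY is empty when nothing matches
#######################################
_complete_ssh_hosts() {
  local cur="${COMP_WORDS[COMP_CWORD]}"
  local known_hosts="${HOME}/.ssh/known_hosts"
  local ssh_config="${HOME}/.ssh/config"
  local hosts word

  COMPREPLY=()

  # Missing files are skipped silently so a tab press never prints errors.
  hosts=$(
    {
      if [[ -r "${known_hosts}" ]]; then
        # First field is the host list; keep only the name before the comma.
        awk '{ split($1, names, ","); print names[1] }' "${known_hosts}"
      fi
      if [[ -r "${ssh_config}" ]]; then
        # Keyword match is case-insensitive and tolerates indentation.
        awk 'tolower($1) == "host" { for (i = 2; i <= NF; i++) print $i }' \
          "${ssh_config}"
      fi
    } \
      | LC_ALL=C grep -E '^[A-Za-z0-9_.:%@+-]+$' \
      | awk '!seen[$0]++'
  )
  # Why the allowlist: compgen -W performs shell expansion on every word it is
  # given, so only tokens made of host-name characters are passed on. This also
  # drops comments, hashed entries, [host]:port entries and wildcard patterns.
  # The final awk removes duplicates while keeping first-seen order.

  # Read results line by line (no mapfile: stock macOS bash is 3.2).
  while IFS= read -r word; do
    COMPREPLY+=("${word}")
  done < <(compgen -W "${hosts}" -- "${cur}")
  return 0
}

complete -F _complete_ssh_hosts ssh
#################################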
# Write the public keys the agent currently offers (one line per identity) to a
# file. [my-public-key.pub] looks like a placeholder for the file name; replace
# it rather than typing the brackets.
ssh-add -L > [my-public-key.pub]
auf Server kopieren:
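# ssh-add -L prints every public key the agent currently holds, so all of them
# are appended on the server; check its output first if more than the token key
# is loaded.
# umask 077 + mkdir -p: if .ssh or authorized_keys do not exist yet they are
# created with owner-only access (existing files keep their permissions).
ssh-add -L | ssh root@10.XXX.XXX.XXX 'umask 077; mkdir -p .ssh && cat >> .ssh/authorized_keys && echo "Key copied"'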
Die Schlüssel sichern und löschen auf dem lokalen Rechner,
auch aus PGP Schlüsselring!