Hi Mark, While you're going through the effort of re-encrypting things, I would recommend that you create your encryption subkey outside the YubiKey (preferably in an airgapped environment) and import it, rather than generate it on board the YubiKey, so that you can have a backup of it*. At least if you're using the same encryption subkey for anything else than Pass - an alternative solution for Pass is to have the password store encrypted with more than one subkey, but that won't help if you end up with other things encrypted to only one subkey and lose that subkey. Just a friendly warning. :)
*Note that you typically don't need backups of signature or authentication subkeys, because signature verification only needs the public keys - unlike encryption subkeys, because decryption needs the private keys to be long-lived. /Emil On Sun, 10 Feb 2019 at 23:23 Jake Yip <[email protected]> wrote: > Hi Mark, > > Are you referring to re-encrypting your pass store with the new key on > your Yubikey 5? In that case, I've managed to do that by doing `pass init > [-p <path>] old-key-ids new-key-id. Where old-key-ids are ids in .gpg-id. > > Hope that helps, > Jake > > On Sun, Feb 10, 2019 at 11:29 PM Mark Stanhope <[email protected]> > wrote: > >> Hello, first time poster. >> >> I have used Pass for a while using a Yubikey Neo as the store for my GPG >> keys. The new yubikey 5 supports 4096 keys, whilst the NEO did not >> support above 2048 for NFC. >> >> So i am planning to move to the new Yubikey 5, but cant currently find >> anything about adding or removing GPG keys from a pass git rep. >> >> Any suggestions are very welcome, thank you in advance. >> >> Mark >> >> >> _______________________________________________ >> Password-Store mailing list >> [email protected] >> https://lists.zx2c4.com/mailman/listinfo/password-store >> > > > -- > Jake Yip > DevOps Engineer > M +61 383 443 669 <+61+383+443+669> > [email protected] <[email protected]> > ardc.edu.au <http://www.ardc.edu.au> > [image: ardc.edu.au] <http://ardc.edu.au> > <https://twitter.com/ands_nectar_rds> > <https://www.youtube.com/user/andsdata> > ARDC acknowledges the Traditional Owners of the lands > that we live and work on across Australia and pays its respect > to Elders past and present. > Please consider the environment before printing this e-mail. > _______________________________________________ > Password-Store mailing list > [email protected] > https://lists.zx2c4.com/mailman/listinfo/password-store >
_______________________________________________ Password-Store mailing list [email protected] https://lists.zx2c4.com/mailman/listinfo/password-store
