feat(yubikey): configure GPG signing key and disable GCR ssh-agent
Set actual GPG key ID for git commit signing, disable GCR ssh-agent socket so gpg-agent handles SSH auth, and trim redundant setup steps from yubikey guide.
This commit is contained in:
-22
@@ -1,27 +1,5 @@
|
||||
# Post-Rebuild YubiKey Setup Guide
|
||||
|
||||
## Step 0: Rebuild & Reboot
|
||||
|
||||
```bash
|
||||
nixos-rebuild switch
|
||||
# Then reboot to ensure gpg-agent replaces gnome-keyring as SSH agent
|
||||
reboot
|
||||
```
|
||||
|
||||
After reboot, verify the new environment:
|
||||
|
||||
```bash
|
||||
gpg --version # Should show GnuPG 2.4+
|
||||
ykman info # Should show your YubiKey model/serial
|
||||
gpg --card-status # Should show the YubiKey smartcard
|
||||
echo $SSH_AUTH_SOCK # Should point to gpg-agent socket, NOT gcr
|
||||
```
|
||||
|
||||
> If `gpg --card-status` hangs or errors, restart pcscd:
|
||||
> `sudo systemctl restart pcscd`
|
||||
|
||||
---
|
||||
|
||||
## Step 1: Generate GPG Master Key
|
||||
|
||||
```bash
|
||||
|
||||
Reference in New Issue
Block a user