[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Guix home, guix system, channels, some noob questions
From: |
Sébastien Rey-Coyrehourcq |
Subject: |
Re: Guix home, guix system, channels, some noob questions |
Date: |
Tue, 14 Jun 2022 12:36:14 +0200 |
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.10.0 |
Le 13/06/2022 à 21:31, Dominic Martinez a écrit :
sebastien rey-coyrehourcq <sebastien.rey-coyrehourcq@univ-rouen.fr>
writes:
Hi,
I jump into guile world by learning and copy/pasting Dominic Martinez
config :)
Nice to know my config helped someone! Sorry it's a bit of a mess, I
didn't really document anything.
I'm interested to better understand some Guile snippet of your config,
if you're ok, is it possible to ask that in another mail or irc ?
Everything going pretty well but now i'm blocked with yubikey
configuration.
And without yubikey that contain your only private key to
sign/decrypt everything, that's a
little complicated ...
Running "gpg --card-status" my yubikey is correclty detected. That a
good news ... BUT
that's all,
other command don't work, for example both :
gpg --list-secret-keys
gpg --list-keys
When you say it doesn't work, do you mean it doesn't list any keys? If
you have keys on your Yubikey that you used with GPG on a different
system, you'll have to re-export the key stubs for GPG to use the
Yubikey for authentication (see
https://github.com/drduh/YubiKey-Guide#switching-between-two-or-more-yubikeys).
Thanks! This only manipulation seems not enough and i finally found that
importing public key is required, from server or directly from the key ....
yourkey.asc | gpg --import
After that, everything goes well !
If you're getting other errors, you might need to enable some system
services. For instance, you need the pcscd service
(https://guix.gnu.org/manual/devel/en/guix.html#index-pcscd), and also
the udev rules appropriate for your Yubikey model
(https://github.com/Yubico/libfido2/blob/main/udev/70-u2f.rules). The
below snippet should get all Yubikey functionality working:
#+begin_src scheme
(service pcscd-service-type)
(udev-rules-service 'yubikey-rules
(udev-rule
"70-u2f.rules"
(string-append
;; All keys
"ACTION!=\"add|change\",
GOTO=\"u2f_end\"\n"
;; Yubikey
"KERNEL==\"hidraw*\", "
"SUBSYSTEM==\"hidraw\", "
"ATTRS{idVendor}==\"1050\", "
"ATTRS{idProduct}==\"0113|0114|0115|0116|0120|0121|0200|0402|0403|0406|0407|0410\",
"
"TAG+=\"uaccess\", MODE=\"0660\"\n"
;; End all keys
"LABEL=\"u2f_end\"")))
#+end_src
I already copy paste this part from your config :)
Thanks again !
Sébastien RC.
OpenPGP_0xD262AFCCE42732D3.asc
Description: OpenPGP public key
OpenPGP_signature
Description: OpenPGP digital signature