<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<p>Emil</p>
<p>Thank you, i tend to do this on an offline raspberry with a
dedicated SD card. I have also done this on a Tails distro. I
always do it off the yubikey, and lock a backup on an encrypted
usb stick. <br>
</p>
<p>Mark</p>
<p><br>
</p>
<div class="moz-cite-prefix">On 11/02/2019 11:49, Emil Lundberg
wrote:<br>
</div>
<blockquote type="cite"
cite="mid:CAJgCmPzPV7ynViOJweMk3uQhYFk0pRWXX6j=8tn1fxJ_y_p0Jg@mail.gmail.com">
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<div dir="ltr">
<div>Hi Mark,</div>
<div><br>
</div>
<div>While you're going through the effort of re-encrypting
things, I would recommend that you create your encryption
subkey outside the YubiKey (preferably in an airgapped
environment) and import it, rather than generate it on board
the YubiKey, so that you can have a backup of it*. At least if
you're using the same encryption subkey for anything else than
Pass - an alternative solution for Pass is to have the
password store encrypted with more than one subkey, but that
won't help if you end up with other things encrypted to only
one subkey and lose that subkey. Just a friendly warning. :)</div>
<div><br>
</div>
<div>*Note that you typically don't need backups of signature or
authentication subkeys, because signature verification only
needs the public keys - unlike encryption subkeys, because
decryption needs the private keys to be long-lived.<br>
</div>
<div><br>
</div>
<div>/Emil<br>
</div>
<br>
<div class="gmail_quote">
<div dir="ltr" class="gmail_attr">On Sun, 10 Feb 2019 at 23:23
Jake Yip <<a href="mailto:jake.yip@ardc.edu.au"
moz-do-not-send="true">jake.yip@ardc.edu.au</a>> wrote:<br>
</div>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
<div dir="ltr">Hi Mark,
<div><br>
</div>
<div>Are you referring to re-encrypting your pass store
with the new key on your Yubikey 5? In that case, I've
managed to do that by doing `pass init [-p <path>]
old-key-ids new-key-id. Where old-key-ids are ids in
.gpg-id.</div>
<div><br>
</div>
<div>Hope that helps,<br>
Jake<br>
</div>
</div>
<br>
<div class="gmail_quote">
<div dir="ltr" class="gmail_attr">On Sun, Feb 10, 2019 at
11:29 PM Mark Stanhope <<a
href="mailto:Mark@stanhope.org.uk" target="_blank"
moz-do-not-send="true">Mark@stanhope.org.uk</a>>
wrote:<br>
</div>
<blockquote class="gmail_quote" style="margin:0px 0px 0px
0.8ex;border-left:1px solid
rgb(204,204,204);padding-left:1ex">Hello, first time
poster.<br>
<br>
I have used Pass for a while using a Yubikey Neo as the
store for my GPG<br>
keys. The new yubikey 5 supports 4096 keys, whilst the
NEO did not<br>
support above 2048 for NFC.<br>
<br>
So i am planning to move to the new Yubikey 5, but cant
currently find<br>
anything about adding or removing GPG keys from a pass
git rep.<br>
<br>
Any suggestions are very welcome, thank you in advance.<br>
<br>
Mark<br>
<br>
<br>
_______________________________________________<br>
Password-Store mailing list<br>
<a href="mailto:Password-Store@lists.zx2c4.com"
target="_blank" moz-do-not-send="true">Password-Store@lists.zx2c4.com</a><br>
<a
href="https://lists.zx2c4.com/mailman/listinfo/password-store"
rel="noreferrer" target="_blank"
moz-do-not-send="true">https://lists.zx2c4.com/mailman/listinfo/password-store</a><br>
</blockquote>
</div>
<br clear="all">
<div><br>
</div>
-- <br>
<div dir="ltr" class="m_8505324336699254937gmail_signature">
<div dir="ltr">
<div>
<div dir="ltr">
<div>
<div dir="ltr">
<table style="font-family:"Times New
Roman";background:none;border:0px;margin:0px;padding:0px"
cellspacing="0" cellpadding="0" border="0">
<tbody>
<tr>
<td style="padding:0px 7px 0px
0px;border-width:0px;border-style:initial;border-color:initial"
valign="top">
<table
style="background:none;border:0px;margin:0px;padding:0px"
cellspacing="0" cellpadding="0"
border="0">
<tbody>
<tr>
<td style="padding:0px">
<table
style="background:none;border:0px;margin:0px;padding:0px"
cellspacing="0"
cellpadding="0" border="0">
<tbody>
<tr>
<td colspan="2"
style="padding-bottom:5px;color:rgb(31,31,31);font-size:16px;font-family:Georgia,Times,"Times
New
Roman",serif;font-weight:bold">Jake
Yip<br>
</td>
</tr>
<tr>
<td colspan="2"
style="padding-bottom:20px;color:rgb(31,31,31);font-size:12px;font-family:Arial,Helvetica,sans-serif">DevOps
Engineer<br>
</td>
</tr>
<tr>
<td colspan="2"
style="padding-bottom:20px;color:rgb(31,31,31);font-size:12px;font-family:Arial,Helvetica,sans-serif;line-height:16.2px"><span
style="font-weight:bold">M</span> <a href="tel:+61+383+443+669"
style="color:rgb(31,31,31);line-height:16.2px"
target="_blank"
moz-do-not-send="true">+61
383 443 669</a><br>
<a
href="mailto:tsuey.cham@ardc.edu.au"
style="color:rgb(31,31,31);line-height:16.2px" target="_blank"
moz-do-not-send="true">jake.yip@ardc.edu.au</a> <br>
<a
href="http://www.ardc.edu.au"
style="color:rgb(31,31,31);font-weight:bold;line-height:16.2px"
target="_blank"
moz-do-not-send="true">ardc.edu.au</a></td>
</tr>
</tbody>
</table>
</td>
</tr>
<tr style="padding-top:0px">
<td style="padding:0px 7px 0px
0px;border-width:0px;border-style:initial;border-color:initial"
valign="top"><a
href="http://ardc.edu.au"
style="color:rgb(31,31,31);font-weight:bold;font-size:12px;line-height:16.2px"
target="_blank"
moz-do-not-send="true"><img
src="https://lh3.googleusercontent.com/jkSF_JUFoEFHgiv-uuus2iSzlFA40l_jCKsjgAxQwMGvA_we1qP8yd5H7qrF6Ap9iJf6ZgeUXoN9-CSKYmcDSXK-GwxVckZ_7k2aAmml4N8SMMC2ZuVEYHQoEQgiLUm9ySyU1uMVfSP6qLa3mzZX0oAmjOarkhm5gp-fdzoPtmH8fWpuW-c2ih_M6sXfAs0Sqv95hYXo9nstxt4-ednQF9CIHh2pNpja4iBnaDNJbfNOMaNglLyIZTVnWhsczrUHXy4Du7JGhKipWssfzZsISuUcoSnxsRWsvQVbH4-K0QqmdRWpOOUZitq-iu80fRtcj3yJKSubSfMyws2sOolMK3rLR8WY4LabO_8UhHQRcnTjz_9UvHv3FUvfvvAqF9yClsxMnT05udatNO_ptUrHk-8C_ODDx0PxsJHVqsJahgaXZ4yGKBF89XZgJ1Q4nU-hz7V72Yk5-CAH2GPSrcboJvIjOhOSSo7r5S5mGcd5hjJsG9K5uyPxs8NeJPp1r8ND61ux_oD9PoS-meQaPI50xwfqQrQfdEDs-shAKWCUjnGT_ZudXTH36K6R-9R9OvueDY3OnwI4UA5jS6NohW2KtDhGOw=w320-h200-k"
alt="ardc.edu.au"
style="width:200px;height:66px;color:rgb(29,30,42);font-family:Arial,Helvetica,sans-serif"
moz-do-not-send="true"
width="200" height="66"></a></td>
</tr>
</tbody>
</table>
</td>
</tr>
<tr>
<td style="padding:25px 0px
0px;border-width:0px;border-style:initial;border-color:initial"
valign="top">
<table
style="background:none;border:0px;margin:0px;padding:0px"
cellspacing="0" cellpadding="0"
border="0">
<tbody>
<tr>
<td style="padding:0px 12px 20px
0px;border-width:0px;border-style:initial;border-color:initial"
valign="top"><img
src="https://lh3.googleusercontent.com/w4V8Osu0QNOl62CfxqjvlCn8w82UcqLZn_15yM8cbSVIqhIt0lm34n7wr2PSr5pMtPggb_oGZuxUj9enUeoT4lQOywiFxcPxFYMUXG_Q9oAqwXzuOmAVlHcCTQBcI2h18W0R3jzzslH_wsnrFuU4jTKXCsWsc8MKlR73WfEnyhR0lzs23zmUO8CO1uVM-AfcOd5jCT4n2vhpdzBx6S7slFPNUn74SQJaIOC_yh3-MM0R4NgJ5L5Qgv2I1JJkP_evDjSY205-EUavuFpMiSTsRSl5PWT0l9HL81x3b8OhpiVr6TGJOpKUbMOvD_JkjijKzJTjySfjDywrfo1ZeRnyHKDt8YBY7cQlIAYmhyGC3CFqYrrurwtch3_BcNPKe96bnimHddlJJ4gbi0IPGAXeEyyQAe05TTSSmu3Rdyd9NLQDTxRpHdS-moDsuaZle-6gBuXlkGfmdiuSMX2nokjyL1bih1uDW0rOHWkSL_G1WheJ0pPJdkS9J56QOLtO3YxE6lSizKq7ifTuECHx5eBJA-x0zhdkBpV1Q2iCgLeDetRE1QkiwHtrxjdFA2N3FfmSZcP6D17kePxxaFx6n_8NNmgtDw=w320-h200-k"
style="color:rgb(102,102,102);font-size:12px;font-family:Arial,Helvetica,sans-serif"
moz-do-not-send="true"
width="68" height="49"></td>
</tr>
</tbody>
</table>
</td>
</tr>
<tr>
<td
style="padding-bottom:5px;padding-left:0px;padding-right:0px;border-width:0px;border-style:initial;border-color:initial"
valign="top">
<table
style="background:none;border:0px;margin:0px;padding:0px"
cellspacing="0" cellpadding="0"
border="0">
<tbody>
<tr>
<td style="padding:0px 12px 0px
0px;border-width:0px;border-style:initial;border-color:initial"
valign="top"><a
href="https://twitter.com/ands_nectar_rds"
target="_blank"
moz-do-not-send="true"><img
src="https://lh3.googleusercontent.com/mq9gMXdFq5POuTV9v9pdedYaKS4kCOCpaBr2dtZjIqtejxtE4-M8lrMCjXAzh5ZteRRmLcuNgJTDEbZ6Qd8PeinVqIw_5a3_SsjAWCMbihFF8bppWp3VfOimLjT3Krpg4MxpLoW9tHL_Qz0I1x6eOms_vQukMCpTK2rkKCGTGLKVmqFXBsT0ZvCZzjbGGJvTPnhdako3Rh9vE7N8MXth6guh2oaMeKN-7RRmIapEdZK_vIvq6zxsc8WRzGBKb6Yv6nJ51Qdvd-HBJXtRisu84j30OVs2sJpClZNqOf057EVHOvsN9FH44Pog_WK_0zVZS0XRgIye_pcnnUvV5UxPH9nGZvVY4mB0XlK0a8SSuhbXgNW0vckjqfl_a3oVA3YynREr2pWTS77ZxI8YUDxgEevCrIkF9jCrzn0Yr_9xmWKaWSgXnOaSfv9P-BuF1eQMLBty84TAE-69L6NwVTVzPJ6L9H8Caq3x5S3Rs85xQIeumxk_pzP4GAGmIlHHMVKxeQWDiHgmlN8QwykHu3F3vgHTG74uyVreg5-3BmxvYyIs28I_cp2OMYBBFWfBvcCbZNk9gNfPtc9SyVnacNeHcx9C5Q=w320-h200-k"
style="color:rgb(102,102,102);font-size:12px;font-family:Arial,Helvetica,sans-serif"
moz-do-not-send="true"
width="16" height="16"></a></td>
<td style="padding:0px 12px 0px
0px;border-width:0px;border-style:initial;border-color:initial"
valign="top"><a
href="https://www.youtube.com/user/andsdata"
target="_blank"
moz-do-not-send="true"><img
src="https://lh3.googleusercontent.com/Niao3q9A99V4w1LhlPKvWWbzBQeEjiQWKPjnohFU37VH4J50eGVESL2y_AoW_M1XEKndyDIqQCtQPc4x0_5_Q4h9rs3ISDpta-VwHYW-eEnHDDb1KidNlTdFUG-7H7ctfM6JZXeF1SWXQh94euRGGnzOII2YW3_fqqCia6PujJH3fVNkEmoruNkDxbdz36GT3FegLEpaIm4Mb4U_BKbls47e_HkLXiq921tY4ElztauY_3ATt2BwhxkRnfgn_GOagslNoLwVnAjuEx25K0H7IHZHTiQjh4KztfGPj75BotkvmyvFrbgVbUPu7vhM6N2UjZ5W_ohOPWz7QzTRl_oSjZMbv1YMvTzvVFY91tHFnJbiTx8gMh1BIdg2tjI3GedntKhgDn_6Jum0mhNhjdkwf3f7RQScwbKwYloDIGBMNzIjlD5m7mqd8Dn6aQ095ulzm6yAKUAwecVrixCPpKM3qK45-_O04vlP9pNJoXoLTXlCLIZ-rAEp7wwAX7my3g0VOk0ZqH8OJoFfR67yr0MoTlooRBiTmsbxH93MBPgU7gaaGAkuFzBY-Xhpvmi5vXy7Im0wEaO43WpWs3NhX_WYSYSjTQ=w320-h200-k"
style="color:rgb(102,102,102);font-size:12px;font-family:Arial,Helvetica,sans-serif"
moz-do-not-send="true"
width="16" height="16"></a></td>
</tr>
</tbody>
</table>
</td>
</tr>
<tr>
<td style="padding:10px 0px
0px;border-width:0px;border-style:initial;border-color:initial"
valign="top">
<table
style="background:none;border:0px;margin:0px;padding:0px"
cellspacing="0" cellpadding="0"
border="0">
<tbody>
<tr>
<td
style="padding-bottom:5px;padding-right:12px;color:rgb(102,102,102);font-size:10px;font-family:Arial,Helvetica,sans-serif;font-style:italic;line-height:13.5px">ARDC
acknowledges the Traditional
Owners of the lands <br>
that we live and work on across
Australia and pays its respect <br>
to Elders past and present.</td>
</tr>
<tr>
<td
style="padding-bottom:20px;padding-right:12px;color:rgb(102,102,102);font-size:10px;font-family:Arial,Helvetica,sans-serif;font-style:italic;line-height:13.5px">Please
consider the environment before
printing this e-mail.</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</div>
</div>
</div>
</div>
</div>
</div>
_______________________________________________<br>
Password-Store mailing list<br>
<a href="mailto:Password-Store@lists.zx2c4.com"
target="_blank" moz-do-not-send="true">Password-Store@lists.zx2c4.com</a><br>
<a
href="https://lists.zx2c4.com/mailman/listinfo/password-store"
rel="noreferrer" target="_blank" moz-do-not-send="true">https://lists.zx2c4.com/mailman/listinfo/password-store</a><br>
</blockquote>
</div>
</div>
</blockquote>
</body>
</html>