GnuPG (gpg)

Refreshing sub-key

From a live CD, you may have to setup WiFi1.

sudo apt-get update; sudo apt-get upgrade
sudo apt -y install wget gnupg2 gnupg-agent dirmngr cryptsetup scdaemon pcscd secure-delete yubikey-personalization vim
export MYHOME=$(mktemp -d mytemp$(date +%Y%m%d)_XXX)
export GNUPGHOME=$(mktemp -d -t gnupg_$(date +%Y%m%d)_XXX)
wget -O $GNUPGHOME/gpg.conf

Mount the key files

# Enter passphrase
cryptsetup luksOpen /dev/sdc1 secret
mount /dev/mapper/secret /mnt/encrypted-storage
cd /mnt/encrypted-storage/

Import the keyfile

gpg --import mastersub.key
export KEYID=$(gpg --list-key | grep -o "0x[^ ]*")
echo $KEYID
gpg --edit-key $KEYID
mkdir /mnt/transfer
mount /dev/sdd1 /mnt/transfer/
gpg --armor --export $KEYID > gpg-$KEYID-$(date +%F).asc


Duh, . YubiKey-Guide/ at master $\cdot$ drduh/YubiKey-Guide. Github at

Links to this note