From 177215003f3f2fd9e15a10a0c20df9d0cefc3cfe Mon Sep 17 00:00:00 2001 From: Julien Escario Date: Mon, 5 Oct 2020 15:46:18 +0200 Subject: [PATCH] Small bugfixes --- ssh/yubibug.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/ssh/yubibug.md b/ssh/yubibug.md index 80859e2..2563a09 100644 --- a/ssh/yubibug.md +++ b/ssh/yubibug.md @@ -83,8 +83,8 @@ Your selection? 2 Please select which elliptic curve you want: (1) Curve 25519 (4) NIST P-384 - Your selection? 1 - The card will now be re-configured to generate a key of type: ed25519 +Your selection? 1 +The card will now be re-configured to generate a key of type: ed25519 gpg/card> generate Make off-card backup of encryption key? (Y/n) n @@ -95,7 +95,7 @@ You should change them using the command --change-pin Please specify how long the key should be valid. 0 = key does not expire - = key expires in n days + `` = key expires in n days w = key expires in n weeks m = key expires in n months y = key expires in n years @@ -189,8 +189,8 @@ $ ssh-keygen -Lf .ssh/id_ed25519-cert.pub At this point, you have to copy the CA's public key into your server's authorized_keys file . This can't be done with ssh-copy-id as the CA's key is not loaded into you ssh-agent nor available in the ~/.ssh directory. You should have something like : 
-    server:~# cat .ssh/authorized_keys
-    cert-authority ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICAL7l1sQuKe4daLfKGZuiRPZZXquokQyH+p6utlZxZ+ Test CA
+server:~# cat .ssh/authorized_keys
+cert-authority ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICAL7l1sQuKe4daLfKGZuiRPZZXquokQyH+p6utlZxZ+ Test CA
Note the line beginning with cert-authority which is not common. For reference, read "AUTHORIZED_KEYS FILE FORMAT" chapter here : [http://man.he.net/man5/authorized_keys](http://man.he.net/man5/authorized_keys)