From e7c2f86cb1148ce3ddef7a3c252a13bfec163447 Mon Sep 17 00:00:00 2001 From: Julien Escario Date: Mon, 5 Oct 2020 15:35:10 +0200 Subject: [PATCH] Small fixes --- ssh/yubibug.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/ssh/yubibug.md b/ssh/yubibug.md index ab44d04..80859e2 100644 --- a/ssh/yubibug.md +++ b/ssh/yubibug.md @@ -2,14 +2,14 @@ ## What's wrong with ED25519 and Yubikey 5 ? #### TL;DR : -In the last weeks, I tried to setup ed25519 gnupg keys for use with SSH on my new Yubikey 5C NFC. It works like a charm but when used with an ED25519 SSH certificate, the authentication failed with an error like : +In the last weeks, I tried to setup ed25519 gnupg keys for use with SSH on my new Yubikey 5C NFC. It works like a charm but when used with an SSH certificate, the authentication failed with an error like : sign_and_send_pubkey: signing failed for ED25519 "cardno:000615280015": agent refused operation Let's try it. For this demo, I'll let the Yubikey generate GnuPG's keys. This is easier to setup but not recommended in production as the master key can't be reused to generate other keys. (see here [https://support.yubico.com/hc/en-us/articles/360013790259-Using-Your-YubiKey-with-OpenPGP](https://support.yubico.com/hc/en-us/articles/360013790259-Using-Your-YubiKey-with-OpenPGP)) -Let's make things clear : +Here's how to reproduce the error :
 $ rm -R .gnupg
 $ rm -R .ssh
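Review bot: dropping "ED25519" from "an ED25519 SSH certificate" in the TL;DR widens the claim beyond what this page demonstrates; the heading, the quoted error (`signing failed for ED25519 "cardno:000615280015"`) and the reproduction steps are all ED25519-specific, so either keep the qualifier or state that certificates with other key types were tested and fail the same way. The new lead-in "Here's how to reproduce the error :" also goes straight into `rm -R .gnupg` and `rm -R .ssh`, which delete any existing GnuPG and SSH keys and configuration in the home directory; a sentence telling readers to use a throwaway account or back those directories up first would save someone from losing keys. Minor: "setup" as a verb should be "set up", and a commit message more specific than "Small fixes" (e.g. what wording was corrected) would help when reading the history later.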
@@ -188,10 +188,10 @@ $ ssh-keygen -Lf .ssh/id_ed25519-cert.pub
 
At this point, you have to copy the CA's public key into your server's authorized_keys file . This can't be done with ssh-copy-id as the CA's key is not loaded into you ssh-agent nor available in the ~/.ssh directory. You should have something like : - +
     server:~# cat .ssh/authorized_keys
     cert-authority ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICAL7l1sQuKe4daLfKGZuiRPZZXquokQyH+p6utlZxZ+ Test CA
-
+
Note the line beginning with cert-authority which is not common. For reference, read "AUTHORIZED_KEYS FILE FORMAT" chapter here : [http://man.he.net/man5/authorized_keys](http://man.he.net/man5/authorized_keys) Now, try to login :
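Review bot: this hunk only strips trailing whitespace from the blank line after the authorized_keys listing, which is fine, but the unchanged context around it deserves a pass while this paragraph is being touched: "not loaded into you ssh-agent" should read "your ssh-agent", and "authorized_keys file ." has a stray space before the period. The statement that ssh-copy-id cannot be used is slightly overstated: `ssh-copy-id -i <file>` will append any public key file you point it at, but it will not add the `cert-authority` prefix, so the line still has to be edited by hand; saying that is more precise. Since a bare `cert-authority ssh-ed25519 ...` line accepts every certificate this CA ever signs for the account, it would also be worth noting that the line can carry a `principals="..."` option to restrict which certificate principals are accepted.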