Unterschiede

Hier werden die Unterschiede zwischen zwei Versionen angezeigt.

--- suse:nitrokey:start [06.08.2020 19:54. ] – [SSH-Verbindung aufbauen] django
+++ suse:nitrokey:start [30.08.2020 11:17. ] (aktuell) – [ED25519-Schlüssel generieren] django
@@ Zeile 370: / Zeile 370: @@
 Zum Schluss verlassen wir das Programm **gpg2** mit ''**quit**''.
-  gpg/card> quit</code>
+  gpg/card> quit
-Fragen wir nun erneut mit den Befehl ''**gpg2 --card-status**'' welcher Schlüssel-Typ eingestellt ist, finden wir unsere geänderten Werte.
+Fragen wir nun erneut mit den Befehl ''**gpg2 %%--%%card-status**'' welcher Schlüssel-Typ eingestellt ist, finden wir unsere geänderten Werte.
    $ gpg2 --card-status | grep Key\ attributes
@@ Zeile 436: / Zeile 436: @@
 gpg: key 9308FC78386863AC marked as ultimately trusted
 gpg: revocation certificate stored as '/home/django/.gnupg/openpgp-revocs.d/3E61A50347B523824132EC069308FC78386863AC.rev'
-public and secret key created and signed.<code>
+public and secret key created and signed.</code>
 Fragen wir nun den Inhalt der SmartCard mit dem Befehl ''**verify**'' ab, finden wir unsere gerade erstellten Schlüssel.
@@ Zeile 972: / Zeile 972: @@
 ==== Nitrokey Start und X.509 / S/MIME ====
+=== micro-ca-tool ===
+== Vorbereitung ==
+   $ mkdir ~/nitrokey
+   $ cd  ~/nitrokey
+   $ git clone https://github.com/sektioneins/micro-ca-tool.git
+   $ ln -s ~/nitrokey/micro-ca-tool/micro-ca-tool ~/bin/micro-ca-tool
+   $ micro-ca-tool -h
+<code>                 mmm    mm         mmmmmmm               ""#
+ m   m         m"   "   ##            #     mmm    mmm     #
+ #   #         #       #  #           #    #" "#  #" "#    #
+ #   #   """   #       #mm#   """     #    #   #  #   #    #
+ #mmm#m         "mmm" #    #          #    "#m#"  "#m#"    "mm
+ #
+ "               (C) 2015 SektionEins GmbH / Ben Fuhrmannek
+                 https://sektioneins.com/
+                 https://github.com/sektioneins/micro-ca-tool
+[#] Version: 0.1
+Welcome to µ-CA.
+This tool will help you to perform basic tasks with your CA:
+* Create CA as files
+* or Create CA on a SmartCard
+* or Create CA as files and store on SmartCard
+* Create intermediate CA
+* Sign other certificates
+* Backup CA key with n-of-m scheme key sharing
+* Create client certificates
+* Basic SmartCard functions: Info, Read, Write, Generate keys, Reset
+SECURITY NOTE: This tool handles secret keys. As such it is best to follow the
+following guidelines:
+* Use this tool only on single-user and non-networked systems.
+* Make sure files are stored on an encrypted filesystem only. E.g. copy this
+script to a crypto-container.
+* Do not leave unencrypted private keys when done. Better encrypt them for
+backup or store them on an HSM.
+* When done, unmount the encrypted filesystem.
+[#] Usage: /home/django/bin/micro-ca-tool [-c <config>] [-v] [-h] [<menu> <submenu>]
+[#]   -c  specify alternative config file
+[#]   -v  be verbose
+[#]   -h  show this help message
+[#]  optional [<menu> <submenu>] directly calls a function, then exits.</code>
+== PIN Setzen ==
+Zunächst setzen wir die Admin und anschließend die User PIN.
+   $ micro-ca-tool gpg pin
+<code>                 mmm    mm         mmmmmmm               ""#
+ m   m         m"   "   ##            #     mmm    mmm     #
+ #   #         #       #  #           #    #" "#  #" "#    #
+ #   #   """   #       #mm#   """     #    #   #  #   #    #
+ #mmm#m         "mmm" #    #          #    "#m#"  "#m#"    "mm
+ #
+ "               (C) 2015 SektionEins GmbH / Ben Fuhrmannek
+                 https://sektioneins.com/
+                 https://github.com/sektioneins/micro-ca-tool
+[#] Version: 0.1
+gpg: OpenPGP Karte Nr. D276000124010200FFFE432438190000 erkannt
+- change PIN
+- unblock PIN
+- change Admin PIN
+- set the Reset Code
+Q - quit
+Ihre Auswahl?</code>
 /*
 https://github.com/OpenSC/OpenSC/wiki/OpenPGP-card