| Err, nope, this is a work-in-progress. What are you especially interested in? Then I can provide you with details. Some random links I used: - https://btrfs.wiki.kernel.org/index.php/Incremental_Backup - https://blog.eleven-labs.com/en/openpgp-secret-keys-yubikey-... - enable touch-to-use so even malicious software cannot access your passwords: https://developers.yubico.com/PGP/Card_edit.html#_yubikey_4_... - https://www.passwordstore.org/ - https://play.google.com/store/apps/details?id=dev.msfjarvis.... - https://aur.archlinux.org/packages/mkinitcpio-gnupg/ (I'm thinking on replacing this with PKCS#11, more keys to manage but PKCS#11 is supported natively with systemd so one less dependency). Hmm... maybe I should really document that... |
- https://blog.eleven-labs.com/en/openpgp-secret-keys-yubikey-...
Sounds like a good start, I'm going to have to do much more reading on this, I use my YubiKey just as a browser 2nd factor for a few 2FA apps.
In general I'm not sure how the YubiKey stores keys and till now I had no idea you can backup YubiKey
> The key unlocks access to passwords stored in pass. Because pass is based on git and gpg can be used to access SSH then the same yubikey is used to pull/push changes to pass and read encrypted passwords. On both the laptop and the phone (Password Store).
I'm not sure about storing the master keychein file in Git, but the workflow sounds interesting (I didn't fully understand the paragraph though).
> Data on the computer is LUKS-encrypted, unlocked by the Yubikey. Full backup of my laptop's SSD is done via btrfs send/receive to a raid1 array of 3 disks (raid1c3) on a regular intervals. A small subset if very important data (documents) is also backed up via restic to S3 and Backblaze.
This is next level and not of immediate interest to me. I was looking at something simpler like: https://cryptomator.org/