by dier 1006 days ago
Like the other comments, the risk of losing data/access/etc is not enough.

The article even actively suggests you DO NOT make backups of things.

    Now you’re ready to generate a new set of OpenPGP keys on the YubiKey, using the generate command:

        gpg/card> generate
        Make off-card backup of encryption key? (Y/n)

    Enter n to ensure that the private keys never leave the YubiKey, and enter the admin PIN when prompted:

I suppose this is why it's an Opinionated guide as my opinions on how the actual target of a "remote adversary" should go about balancing security with risk.
1 comments

Yeah, if you're paranoid about the key being stolen when generated, just unplug the network, boot a live DVD image, store it directly to a USB stick, and then unplug the USB stick before rebooting.

I usually don't go through quite so many steps, so if my machine was already actively compromised when I generated my keys, then the attacker has my keys.