本文主要参考了这篇博客,以及这里,这里是一个简单总结。
# reset all gpg data
rm -r ~/.gnupg
# list key on YubiKey
gpg --card-status --with-keygrip
# get the date time of the key above and generate pub key with the date above
gpg --faked-system-time '20231112T191616!' --full-generate-key
# import the subkeys, use `addkey` in the prompt
gpg --faked-system-time '20231112T191616!' --edit-key A83F5C04715B2C25DB2FBEA7DBBF1C31DD587CC6
# export key
gpg --armor --export A83F5C04715B2C25DB2FBEA7DBBF1C31DD587CC6
# import key
gpg --import keys/*
# trust key, use the trust command in the prompt
gpg --edit-key A83F5C04715B2C25DB2FBEA7DBBF1C31DD587CC6
# admin the yubikey
gpg --card-edit
# encrypt
gpg --encrypt \
--recipient BE387B4AEF2E85A025C0EAF8A603F43145D6FC6D \
--recipient A83F5C04715B2C25DB2FBEA7DBBF1C31DD587CC6 \
--output output.gpg \
input_file.txt
# list the encrypted file
gpg --pinentry-mode cancel --list-packets file.gpg