Yubikey Reset Pgp

I have received my new Yubikey 4 nano from Yubico to replace my “unsafe” key. At the same time, I don’t want to leave my PGP key somewhere, so here are some steps to remove PGP keys on Yubico 4.

Quickly connect with GPG2: gpg --card-edit

/Users/frbayart k : gpg --card-edit

Reader ...........: Yubico Yubikey 4 OTP U2F CCID
Application ID ...: D2760001240102010006059725060000
Version ..........: 2.1
Manufacturer .....: Yubico
Serial number ....: 05972506
Name of cardholder: [not set]
Language prefs ...: [not set]
Sex ..............: unspecified
URL of public key : [not set]
Login data .......: [not set]
Signature PIN ....: not forced
Key attributes ...: rsa4096 rsa4096 rsa4096
Max. PIN lengths .: 127 127 127
PIN retry counter : 3 0 3
Signature counter : 17
Signature key ....: 2AAA C497 6AD8 6290 0F41  E969 6AFD 1068 9108 DDFC
      created ....: 2017-09-27 22:00:52
Encryption key....: 4E18 ED7D 3052 4593 A2BD  3620 1D5C 929E 7AA3 6A89
      created ....: 2017-09-27 22:00:52
Authentication key: 3C92 A5E5 20FB D3E1 1D53  513A EEC9 7BF5 8096 4A9B
      created ....: 2017-09-27 22:00:52
General key info..: pub  rsa4096/6AFD10689108DDFC 2017-09-27 Francois Bayart <francois.bayart@kensu.io>
sec>  rsa4096/6AFD10689108DDFC  created: 2017-09-27  expires: 2017-12-26
                                card-no: 0006 05972506
ssb>  rsa4096/EEC97BF580964A9B  created: 2017-09-27  expires: 2017-12-26
                                card-no: 0006 05972506
ssb>  rsa4096/1D5C929E7AA36A89  created: 2017-09-27  expires: 2017-12-26
                                card-no: 0006 05972506

Enter admin mode

gpg/card> admin
Admin commands are allowed

Run a factory reset

gpg/card> factory-reset
gpg: OpenPGP card no. D2760001240102010006059725060000 detected

gpg: Note: This command destroys all keys stored on the card!

Continue? (y/N) y
Really do a factory reset? (enter "yes") yes

gpg/card> quit

Check the result by repeating the first step

/Users/frbayart k : gpg --card-edit

Reader ...........: Yubico Yubikey 4 OTP U2F CCID
Application ID ...: D2760001240102010006059725060000
Version ..........: 2.1
Manufacturer .....: Yubico
Serial number ....: 05972506
Name of cardholder: [not set]
Language prefs ...: [not set]
Sex ..............: unspecified
URL of public key : [not set]
Login data .......: [not set]
Signature PIN ....: not forced
Key attributes ...: rsa2048 rsa2048 rsa2048
Max. PIN lengths .: 127 127 127
PIN retry counter : 3 0 3
Signature counter : 0
Signature key ....: [none]
Encryption key....: [none]
Authentication key: [none]
General key info..: [none]

gpg/card>
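
A scripted version of the final check, as an added example that is not part of the original post: the function card_is_empty (a hypothetical name) parses card status text and succeeds only when all three key slots read [none] and the signature counter is 0. The sample input is trimmed from the two outputs shown above.

```shell
#!/bin/sh
# Added example: verify that an OpenPGP card holds no keys after factory-reset.
# Real use (assumes gpg is installed): LC_ALL=C gpg --card-status | card_is_empty

# Reads card status text on stdin. Returns 0 only if all three key slots
# read [none] and the signature counter is 0; otherwise returns 1.
card_is_empty() {
    awk '
    {
        pos = index($0, ":")          # split "Label ....: value" at first colon
        if (pos == 0) next
        label = substr($0, 1, pos - 1)
        value = substr($0, pos + 1)
        gsub(/[ .]+$/, "", label)     # drop the dot and space padding
        gsub(/^[ \t]+|[ \t]+$/, "", value)
    }
    label ~ /^(Signature|Encryption|Authentication) key$/ {
        slots++
        if (value != "[none]") { print "still on card: " label > "/dev/stderr"; bad = 1 }
    }
    label == "Signature counter" && value != "0" {
        print "signature counter is " value > "/dev/stderr"; bad = 1
    }
    END { exit ((bad || slots != 3) ? 1 : 0) }
    '
}

# Sample input trimmed from the two outputs shown in the post.
sample_before() {
    cat <<'EOF'
Signature counter : 17
Signature key ....: 2AAA C497 6AD8 6290 0F41  E969 6AFD 1068 9108 DDFC
      created ....: 2017-09-27 22:00:52
Encryption key....: 4E18 ED7D 3052 4593 A2BD  3620 1D5C 929E 7AA3 6A89
Authentication key: 3C92 A5E5 20FB D3E1 1D53  513A EEC9 7BF5 8096 4A9B
EOF
}
sample_after() {
    cat <<'EOF'
Signature counter : 0
Signature key ....: [none]
Encryption key....: [none]
Authentication key: [none]
EOF
}

for s in sample_before sample_after; do
    if "$s" | card_is_empty; then echo "$s: card is empty"; else echo "$s: keys remain"; fi
done
```

Setting LC_ALL=C keeps gpg's field labels in English so the label match works regardless of the system locale.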