Hero Image

Setting up PASS command with yubikey ed25519 key

I won't go through the whole process of getting a key onto your yubikey with ed25519 a yubikey, but once you are done, the directions for the PASS command aren't that good if you have lots of subkeys as in this setup. You need to find out your 'primary' key NOT your subkey for things to work. In my case, just list the keys with gpg --list-secret-keys This should correspond to the keys you have happily put on your yubikey. Also be sure to "DELETE" your secret keys after you put them on the yubikey.

To get pass going, you need to initiate which key to use to encrypt to:

pass init <hex key of your secret key on the yubikey>

Once that is done, most of the other things seem to 'just work' out of the box. No one would tell me that on most of the pass howtos.