#language en ~-[[DebianWiki/EditorGuide#translation|Translation(s)]]: none-~ ---- This page provides hints on Gnuk. ## If your page gets really long, uncomment this Table of Contents <> == Gnuk == Gnuk is an implementation of USB cryptographic token for GNU Privacy Guard. Gnuk supports OpenPGP card protocol version 3, and it runs on STM32F103 processor. Gnuk is a Pure Free Software on Free Hardware. It's development is lead by gNiibe (a DD). It has supports of EdDSA, ECDSA (with NIST P256 and secp256k1), and ECDH (with X25519, NIST P256 and secp256k1), but this ECC feature is somehow experimental, and it requires modern GnuPG 2.2 with libgcrypt 1.7.0 or later. It also supports RSA-4096, but users should know that it takes more than 8 seconds to sign/decrypt. Key generation of RSA-4096 just fails, because the device doesn't have enough memory. Run gpg on the host machine instead to generate RSA-4096. == Gnuk Software == * Salsa: https://salsa.debian.org/gnuk-team -- all related repos. (active) * Gnuk repo: https://salsa.debian.org/gnuk-team/gnuk/gnuk * Chopstix repo: https://salsa.debian.org/gnuk-team/chopstx/chopstx * Upstream: http://git.gniibe.org/gitweb/?p=gnuk/gnuk.git * Software announce: http://www.fsij.org/category/gnuk.html (old) == Gnuk Hardware == Hardware requirement for Gnuk is the micro controller STM32F103. In version 1.1.x, Gnuk supports following boards. * FST-01 (Flying Stone Tiny ZERO-ONE) * Reference hardware: http://wiki.seeed.cc/FST-01/ * Although the web page say "it is out of stock", if you ask, they may have it ;-) (according to gniibe) * Olimex STM32-H103 * STM32 part of STM8S Discovery Kit * STBee * STlink V2 compatibles * https://blog.danman.eu/2-usb-crypto-token-for-use-with-gpg-and-ssh/ * http://blog.dan.drown.org/gnuk-open-source-gpg-ssh-hardware-key-storage/ * https://github.com/blacksphere/blackmagic/issues/62 (ST32F101) * Nitrokey Start == Gnuk Documentation == * http://git.gniibe.org/gitweb/?p=gnuk/gnuk.git;a=blob_plain;f=README;hb=HEAD (English, current) * https://debconf17.debconf.org/users/gniibe/ (Debconf17 talk, 2017) * https://www.gniibe.org/pdf/openpgp-2016/gnuk-1_2.html (openpgp, 2016) * http://www.fsij.org/doc-gnuk/ (English, 2012) * https://www.gniibe.org/ (gNiibe's web pages in English) * https://www.gniibe.org/category/memo.html (GnuPG+Gnuk hints, -2017) * https://www.gniibe.org/memo/development/fst-01/dongle/fst-01-swd-connection.html (SWD, 2012) * http://www.gniibe.org/category/fst-01.html (-2017) * http://www.gniibe.org/FST-01/fst-01.html (2016) * http://no-passwd.net/fst-01-gnuk-handbook/index.html (By gNiibe, Japanese) * http://d.hatena.ne.jp/tmatsuu/20101112/1289587685 (Japanese) == Gnuk usage reminders == * Backup your secret keys before transferring them to Gnuk. * Use new Gnupg 2.2 {{{ $ sudo apt install gnupg scdaemon }}} Please note that the factory settings of the PINs are * PIN = '123456' * Admin PIN = '12345678' == GnuPG practice basics == * https://keyring.debian.org/creating-key.html (2016?) * https://www.programmierecke.net/howto/gpg-ssh.html (2011) ## You can add other _helpful_ links here. ##== See also == ---- ## If this page belongs to an existing Category, add it below. ## CategorySomething | CategoryAnother