BLUF

Using hardware private keys greatly reduces the risk of your keys being stolen

Note that much of the work here is based on https://github.com/drduh/YubiKey-Guide

Pre-setup

Windows

You need Gpg4Win or the offical GnuPG package. I recommend the GnuPG package since it's the most lightweight/

GnuPG offical binaries: ftp://ftp.gnupg.org/gcrypt/binary/

Gpg4win: https://www.gpg4win.org/get-gpg4win.html

You will also need the YubiKey Manager tool: https://www.yubico.com/products/services-software/download/yubikey-manager/

macOS

Setup homebrew if you haven't already: https://brew.sh/

Install the prerequisite packages

brew install gnupg yubikey-personalization hopenpgp-tools ykman pinentry-mac
brew install --cask yubico-yubikey-manager

Ubuntu

sudo apt update
sudo apt -y upgrade
sudo apt -y install wget gnupg2 gnupg-agent dirmngr cryptsetup scdaemon pcscd secure-delete hopenpgp-tools yubikey-personalization

Initializing the YubiKey

On Ubuntu and macOS

ykman openpgp reset

On Windows

C:\Program Files\Yubico\YubiKey Manager\ykman.exe openpgp reset