This repository has been archived by the owner on Jun 2, 2022. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 155
how to use with Yubikey #113
Comments
This is not really related to helm secrets. "helm secrets dec secrets.yaml" is basically the same thing as "sops -d secrets.yaml". The issue is rather to make sure that the gpg secret key on the Yubikey is available to gpg and sops. Try commands like "gpg --card-status" and "gpg -K" to verify that the Yubikey has been found and that the gpg keys on it are available. |
I think, sops depends on gpg1 where yubikey relaying on gpg2. That might be the problem |
Sops uses the "gpg" command by default. You can tell it to use e.g. "gpg2" with an environment variable: https://github.com/mozilla/sops/#specify-a-different-gpg-executable |
might be related: getsops/sops#489 (comment) |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
I created my key with
gpg --expert --full-gen-key
and Yubikey in USB port.got ID from
gpg --fingerprint
and added to.sops.yaml
decrypt failed
The text was updated successfully, but these errors were encountered: