@Patazerty
Patazerty / hsmghpg.rst
Created July 3, 2023 09:16
Nitrokey HSM 2 GPG setup

Nitrokey HSM GPG setup

I was investigating the use of Hardware Security Modules (HSMs) to better secure some stuff at work. Our choice was a Nitrokey HSM 2 for its convenient price, features and open approach, including hardware. Unfortunately Nitrokey's documentation is sparse at best and there is not much documentation available online to guide new users in getting HSMs to work with GnuPG (GPG); if anything it's the opposite, with some forum posts indicating that the Nitrokey HSM 2 is not compatible with GPG.

From what seems to be the current state of things, GPG works out of the box with OpenPGP cards (which are

@Patazerty
Patazerty / docker-compose.yml
Created May 7, 2018 13:06
Portus secure docker-compose deployment
version: "2"
services:
  portus:
    image: opensuse/portus:head
    environment:
      - PORTUS_MACHINE_FQDN_VALUE=${MACHINE_FQDN}
      - PORTUS_SECURITY_CLAIR_SERVER=http://clair:6060
      # DB. The password for the database should definitely not be here. You are