How to Encrypt/Decrypt File Using Yubikey – GPG4Win Kleopatra

This post demonstrates the procedures of encrypting and decrypting files using Yubikey; GPG4Win/Kleopatra is used in this case. This post assumes you have generated the master key and subkeys in Linux Live USB and imported those keys into Yubikey.

Install GPG4Win and verify you Yubikey keys.

Download GPG4Win from the link below and install it on your Windows PC.

Open up GPG4Win software Kleopatra and go to “Smartcards.”

Plug your Yubikey into the PC, and Click “Reload” if you have followed the process successfully in the previous post, you can see 3x keys listed.

Import Public Keys

Before you import your public key, ensure your Yubikey is “ plugged “ in. Go to “Certificates” then “Import.”

Select the public key; if you cannot find the key file, go to the right button corner and select “Any files.”

Then select “Yes, It’s Mine.”

Once imported, you can see it is “Certified” under User-IDs

Encrypt and Decrypt files

Click “Sign/Encrypt” and select the file.

Put your Yubikey PIN number in

You will see “Signing and encryption succeeded” and the file is renamed from test.txt to test.txt.gpg

To decrypt the file, double-click on the .GPG file, input your Yubikey PIN:

Extra Options

To enable physical touch on Yubikey when encrypting/decrypting your file, download and install Yubikey Manager from the link below.

YubiKey Manager | Yubico

Navigate to your Yubikey Manager folder.

Enable touch for Sign or Encrypt

.\ykman.exe openpgp keys set-touch sig on
.\ykman.exe openpgp keys set-touch enc on

Leave a Comment

Your email address will not be published. Required fields are marked *