This post demonstrates the procedures of encrypting and decrypting files using Yubikey; GPG4Win/Kleopatra is used in this case. This post assumes you have generated the master key and subkeys in Linux Live USB and imported those keys into Yubikey.
Install GPG4Win and verify you Yubikey keys.
Download GPG4Win from the link below and install it on your Windows PC.
Open up GPG4Win software Kleopatra and go to “Smartcards.”
Plug your Yubikey into the PC, and Click “Reload” if you have followed the process successfully in the previous post, you can see 3x keys listed.
Import Public Keys
Before you import your public key, ensure your Yubikey is “ plugged “ in. Go to “Certificates” then “Import.”
Select the public key; if you cannot find the key file, go to the right button corner and select “Any files.”
Then select “Yes, It’s Mine.”
Once imported, you can see it is “Certified” under User-IDs
Encrypt and Decrypt files
Click “Sign/Encrypt” and select the file.
Put your Yubikey PIN number in
You will see “Signing and encryption succeeded” and the file is renamed from test.txt to test.txt.gpg
To decrypt the file, double-click on the .GPG file, input your Yubikey PIN:
To enable physical touch on Yubikey when encrypting/decrypting your file, download and install Yubikey Manager from the link below.
Navigate to your Yubikey Manager folder.
Enable touch for Sign or Encrypt
.\ykman.exe openpgp keys set-touch sig on .\ykman.exe openpgp keys set-touch enc on