Brooklyn/gnuk/doc/gnuk-personalization.rst

=============================
Personalization of Gnuk Token
=============================


Personalize your Gnuk Token
===========================

Invoke GnuPG with the option ``--card-edit``.  ::

  $ gpg --card-edit

  Reader ...........: 234B:0000:FSIJ-1.2.0-87193059:0
  Application ID ...: D276000124010200FFFE871930590000
  Version ..........: 2.0
  Manufacturer .....: unmanaged S/N range
  Serial number ....: 87193059
  Name of cardholder: [not set]
  Language prefs ...: [not set]
  Sex ..............: unspecified
  URL of public key : [not set]
  Login data .......: [not set]
  Signature PIN ....: forced
  Key attributes ...: rsa2048 rsa2048 rsa2048
  Max. PIN lengths .: 127 127 127
  PIN retry counter : 3 3 3
  Signature counter : 0
  Signature key ....: [none]
  Encryption key....: [none]
  Authentication key: [none]
  General key info..: [none]
  
  gpg/card> 

It shows the status of the card (as same as the output of ``gpg --card-status``).

Then, GnuPG enters its own command interaction mode.  The prompt is ``gpg/card>``.

First, enabling admin command, I put name of mine.
Note that I input admin PIN of factory setting (12345678) here. ::

  gpg/card> admin
  Admin commands are allowed
  
  gpg/card> name
  Cardholder's surname: Niibe
  Cardholder's given name: Yutaka
  gpg: 3 Admin PIN attempts remaining before card is permanently locked
  
  Please enter the Admin PIN
  Enter Admin PIN: 12345678

Secondly, I put some other informations, such as language, sex,
login, and URL.  URL specifies the place where I put my public keys. ::

  gpg/card> lang
  Language preferences: ja
  
  gpg/card> sex
  Sex ((M)ale, (F)emale or space): m
  
  gpg/card> url
  URL to retrieve public key: http://www.gniibe.org/gniibe-20150813.asc
  
  gpg/card> login
  Login data (account name): gniibe

Since I don't force PIN input everytime,
toggle it to non-force-pin-for-signature. ::

  gpg/card> forcesig

Then, I quit. ::
  
  gpg/card> quit

That's all in this step.