gpg签名用法

时间:2022-08-23 17:47:42

gpg签名用法

– 在CentOS 6上生成公钥/私钥对

[root@localhost ~]# gpg --gen-key
gpg (GnuPG) 2.0.; Copyright (C) Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Please select what kind of key you want:
() RSA and RSA (default)
() DSA and Elgamal
() DSA (sign only)
() RSA (sign only)
Your selection? #选择密钥类型
RSA keys may be between and bits long.
What keysize do you want? () #选择密钥长度
Requested keysize is bits
Please specify how long the key should be valid.
= key does not expire
<n> = key expires in n days
<n>w = key expires in n weeks
<n>m = key expires in n months
<n>y = key expires in n years
Key is valid for? () # 选择密钥有效期(0为永久有效)
Key does not expire at all
Is this correct? (y/N) y GnuPG needs to construct a user ID to identify your key. Real name: shell #输入用户名
Email address: shell@.com # 输入用户邮箱
Comment: shell # 用户描述
You selected this USER-ID:
"shell (shell) <shell@163.com>" Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? o
You need a Passphrase to protect your secret key. can't connect to `/root/.gnupg/S.gpg-agent': No such file or directory (pinentry-gtk-:): GLib-GObject-CRITICAL **: Object class GtkSecureEntry doesn't implement property 'editing-canceled' from interface 'GtkCellEditable' (pinentry-gtk-:): GLib-GObject-CRITICAL **: Object class GtkSecureEntry doesn't implement property 'editing-canceled' from interface 'GtkCellEditable'
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
gpg: key 6D9DAFDF marked as ultimately trusted
public and secret key created and signed. gpg: checking the trustdb
gpg: marginal(s) needed, complete(s) needed, PGP trust model
gpg: depth: valid: signed: trust: -, 0q, 0n, 0m, 0f, 2u
gpg: next trustdb check due at --
pub 1024R/6D9DAFDF --
Key fingerprint = 98B7 E1D8 2F63 6F77 0AC1 D577 FDA1 1AB2 6D9D AFDF
uid shell (shell) <shell@.com>
sub 1024R/EA7FC298 --

– 将公钥导出

[root@localhost ~]# gpg -a --export -o shell.pubkey

–将公钥传给CentOS 7

[root@localhost ~]# scp shell.pubkey 172.16.253.159:/root
root@172.16.253.159's password:
shell.pubkey

– CentOS 7导入公钥

[root@Shining ~]# gpg --import shell.pubkey
gpg: key 3A556FDA: "wangcai (wangcai) <wangcai@163.com>" not changed
gpg: key 6D9DAFDF: public key "shell (shell) <shell@163.com>" imported
gpg: Total number processed:
gpg: imported: (RSA: )
gpg: unchanged:

– 显示现在已有的密钥

[root@Shining ~]# gpg --list-key
/root/.gnupg/pubring.gpg
------------------------
pub 1024R/1A8CB5B2 --
uid shiningacg
sub 1024R/6C970F98 -- pub 1024R/3A556FDA -- [expires: --]
uid wangcai (wangcai) <wangcai@.com>
sub 1024R/5B63A8CB -- [expires: --] pub 1024R/6D9DAFDF --
uid shell (shell) <shell@.com>
sub 1024R/EA7FC298 --

– CentOS 7使用公钥加密文件

[root@Shining ~]# gpg -e -r shell shell.pubkey
gpg: EA7FC298: There is no assurance this key belongs to the named user pub 1024R/EA7FC298 -- shell (shell) <shell@.com>
Primary key fingerprint: 98B7 E1D8 2F63 6F77 0AC1 D577 FDA1 1AB2 6D9D AFDF
Subkey fingerprint: D879 559A 7E61 1CA2 ADAB 0AC0 DFE0 ED9B EA7F C298 It is NOT certain that the key belongs to the person named
in the user ID. If you *really* know what you are doing,
you may answer the next question with yes. Use this key anyway? (y/N) y

– CentOS 7将文件传给CentOS 6

[root@Shining ~]# scp shell.pubkey.gpg 172.16.252.157:/root
root@172.16.252.157's password:
shell.pubkey.gpg % .7K

– CentOS 6解密文件

[root@localhost ~]# gpg -d shell.pubkey.gpg  

You need a passphrase to unlock the secret key for
user: "shell (shell) <shell@163.com>"
-bit RSA key, ID EA7FC298, created -- (main key ID 6D9DAFDF) can't connect to `/root/.gnupg/S.gpg-agent': No such file or directory (pinentry-gtk-:): GLib-GObject-CRITICAL **: Object class GtkSecureEntry doesn't implement property 'editing-canceled' from interface 'GtkCellEditable'
gpg: encrypted with -bit RSA key, ID EA7FC298, created --
"shell (shell) <shell@163.com>"
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v2.0.14 (GNU/Linux) mI0EWD8rmwEEAKRKyQbtk+S6F+fGFKxaVWXeq4wB4pV7y0Ou1/PytbndOutmYlfV
aMo2may/9twhmK4+i1O6f//Yt/p63rxGE0YqDzx6sn0M/5AnEI872U7/4HAg/UZ
FP6a204WqkK/ZJnwq5nnovAmZhSkB0AVIYgm60kJUJZql+nNezKaWO4VABEBAAG0
I3dhbmdjYWkgKHdhbmdjYWkpIDx3YW5nY2FpQDE2My5jb20+iL4EEwECACgFAlg/
K5sCGwMFCQWjmoAGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheAAAoJEBx0QMI6VW/a
Bx0D/0bei2gEgYxXhvoozhTPlM+N+7NjnMpYS5FMy1T7zILOhEawnIyRwi1DyYTA
2HIUVJ556yo98Mg9aXzEL5DVH0CAT2zBDJ8X2EpUDuQ1Dx0VfmpJmL0Kk8DqtL9T
AErc/daphn+fjrdurdEL5YKoG3MyEXEQYOVnySDUrbA1bluYuI0EWD8rmwEEALf7
p3HrbOIa+B+Pi0VYTkG/Ahj6j7HslnveJ9HGwnanA1ZAQCGWyJpqnERCnJTTzq+o
ZG/51S96ZcixWJlFIwnE6KTxNk2Cz1stPiy9KOFS5hFY2fFN1pxh6VLVFW3lYQM7
Qh5owJ1xDSiXqswkUdCtDhB43jj6PSsFtmzNNLXhABEBAAGIpQQYAQIADwUCWD8r
mwIbDAUJBaOagAAKCRAcdEDCOlVv2gA7BACINPR+SFINWHTLXO43Lqi5joUGd5Ao
gvXjSNl7zJlp0ZSYj5ss2eVLpxCzBNlZYMVSmCKbfhjyIZCQmEVVRK93YUprDlLs
+7fTaGOKW5DkxwU25Ji3yDqtYRjPyUgB3f3KOsFx4tvFKZWiODGYn1042DJ9BcVJ
kBbgGjZqtWzMa5iNBFg/iaYBBADKYkzP97x+8z2f8fegLfsflkqOZImgmaH5jYcT
QOygxorhH/Ahaaw2icabbSr3rfMgr4ZoPZd7m5gImtJxJUJ1heNj0XBHmYsmfGLb
0HhKWAMPwlUe9Sr/aQaRhCXQ20ROhqv4yqZewiVcTF3/Fte6cCKe4ylJRDGeEUJr
1Fn98QARAQABtB1zaGVsbCAoc2hlbGwpIDxzaGVsbEAxNjMuY29tPoi4BBMBAgAi
BQJYP4mmAhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRD9oRqybZ2v3/7J
A/4mrkdj3FOJoFMjU3PVxNCobLIBt4JRUchdvZrgR9alxktU5wFR0AhzqiK/1kJH
BMHF/CN+0UfMavPerl0gAYzL/YkKep9+w9NC61hbZn6ftAK4DVNLnvULQPBlXybr
r9ili8m7M2fLW8lUoJJca/NGWww9gkyQRtBaoI/bfbUJbLiNBFg/iaYBBADVjpxC
9HcY81il+jGcAf3d5E30fkRGQ3PHDhM46+EEEcU5EMxoGGnuS8mpyRZhrb7Cf2d1
56BaW36J5KQ4TcT+stsdsSzRWiO9YRezHfYGX9dP+Y0rAiJzNtsPuIjpCxFsrIMP
OTlKcLVOPeZkPpBq/Xvtca+wbiNsHiyCz3DXfQARAQABiJ8EGAECAAkFAlg/iaYC
GwwACgkQ/aEasm2dr98+OAP/Tu7JEKPcXCNMHaNLcxy+4QukQt5ygZMxtV0DOMmH
W4JI6MV4zn19EnsKsTlho5Hw5Cn/OUUQUs7hPZmIYijvT5VZENBA6GlnRVRigX+k
LtKia1LtlQjd9JQe5Y/NG9gifnaCxSXiwaMviDZts8ys2LKkP7tYN7jUaThBi3xq
Szs=
=7Ued
-----END PGP PUBLIC KEY BLOCK-----

– CentOS 7删除CentOS 6的公钥

[root@Shining ~]# gpg --delete-keys shell
gpg (GnuPG) 2.0.; Copyright (C) Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. pub 1024R/6D9DAFDF -- shell (shell) <shell@.com> Delete this key from the keyring? (y/N) y

– CentOS 6删除私钥和公钥

[root@localhost ~]# gpg --delete-secret-keys shell
gpg (GnuPG) 2.0.; Copyright (C) Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. sec 1024R/6D9DAFDF -- shell (shell) <shell@.com> Delete this key from the keyring? (y/N) y
This is a secret key! - really delete? (y/N) y
[root@localhost ~]# gpg --delete-keys shell
gpg (GnuPG) 2.0.; Copyright (C) Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. pub 1024R/6D9DAFDF -- shell (shell) <shell@.com> Delete this key from the keyring? (y/N) y 显示密钥: [root@localhost ~]# gpg --list-key
/root/.gnupg/pubring.gpg
------------------------
pub 1024R/3A556FDA -- [expires: --]
uid wangcai (wangcai) <wangcai@.com>
sub 1024R/5B63A8CB -- [expires: --

gpg签名用法的更多相关文章

  1. 带GPG签名的Git tag

    原文地址http://airk000.github.io/git/2013/09/30/git-tag-with-gpg-key Git tag ###Tag用来做什么? Tag即标签,用以给项目仓储 ...

  2. &lbrack;git&rsqb;使用GPG签名你的commit

    概述 GPG是一种加密算法,现在github支持commit使用GPG加密,从而保证提交的commit在传输的过程中没有被篡改. 一.生成GPG密钥 什么是GPG:阮一峰的GPG教程 安装GPG:br ...

  3. linux SElinux防护 加密解密 gpg签名与认证

    SElinux Security-Enhanced Linux由美国国家安全局主导开发一套强化linux安全的mac扩展模块 selinux的运作机制:集成到linux内核上(2.6及以上)操作系统提 ...

  4. Linux之RPM GPG签名

    原文地址:http://linux.chinaunix.net/techdoc/system/2007/09/26/968723.shtml GPG在Linux上的应用主要是实现官方发布的包的签名机制 ...

  5. yum安装时提示&OpenCurlyDoubleQuote;尚未安装任何 GPG 公钥,请下载您希望安装的软件签名公钥并安装”

    在Linux操作系统中,安装软件依赖包时,出现了尚未安装任何 GPG 公钥,要求使用rpm --import public.gpg.key导入  问题: [root@server7 yum.repos ...

  6. git用法

    chapter: 8 add 添加文件内容至索引 用法:git add [选项] [--] ... -n, --dry-run 演习 -v, --verbose 冗长输出 -i, --interact ...

  7. Git的一些用法

    三. Git的一些用法 1. .gitignore文件 屏蔽文件 : .gitignore文件是告诉Git哪些目录或者文件需要忽略, 这些文件将不被提交; 常用场景 : 写完代码后会执行变异调试等操作 ...

  8. GPG 使用指南

    加密与签名 在传输信息时,会面临两个典型的问题: 如何保证发出的消息,只能被预期的接收人获取? 如何保证收到的消息,确实由预期的发送人发出? 这两个问题不难理解.例如发送的邮件可能会被监听,诈骗分子可 ...

  9. gpg --verify之&quot&semi;Can&&num;39&semi;t check signature&colon; No public key&quot&semi;

    自从XcodeGhost之后下载软件之后也会先验证一下md5sum,现在发现后面还有gpg签名,于是也开始学习一下. gpg的文件在centos6.4上是默认安装的,其安装使用可以参照ruanyife ...

随机推荐

  1. U盘安装操作系统

    U盘安装操作系统 On 2010 年 4 月 27 日, in IT, by hr 写在前面 本文主要介绍如何使用U盘安装系统,无法使用光驱安装或者不想随身带着光盘,使用这招都很管用,而且备着这样一只 ...

  2. jdk1&period;6 webService 客户端代码生成和测试

    参数:测试webService的地址:http://10.113.11.1:9090/enocpService/buildingEngService?wsdl 1,eclipse中新建一个项目, 2, ...

  3. bind 方法实现

    [要求]:实现 bind 方法 [实现]: // 简单方法 Function.prototype.bind = Function.prototpe.bind || function(context) ...

  4. 用 EasyBCD 在 Win7&sol;8 中硬盘安装 Ubuntu

    写在前面: 1. 我装的是ubuntu 13.10 64位,不一样的地方是,从casper文件夹复制出来的文件不是vmlinuz,而是vmlinuz.efi,相应的,menu.lst里也要将vmlin ...

  5. 解开发者之痛:中国移动MySQL数据库优化最佳实践&lpar;转&rpar;

    开源数据库MySQL比较容易碰到性能瓶颈,为此经常需要对MySQL数据库进行优化,而MySQL数据库优化需要运维DBA与相关开发共同参与,其中MySQL参数及服务器配置优化主要由运维DBA完成,开发则 ...

  6. 【转】Rails 3&period;1错误-Could not find a JavaScript runtime及execjs和therubyracer介绍

    转自:http://rubyer.me/blog/740/ Rails 3.1错误 /gems/execjs-1.1.2/lib/ execjs/runtimes.rb:43:in `autodete ...

  7. 教您Photoshop中如何快速放大、缩小、移动图像

    教您Photoshop中如何快速放大.缩小.移动图像 http://jingyan.baidu.com/article/ae97a646aaeaaebbfc461d5e.html

  8. js调试

    在chrome下的调试案例 1.console.log() $("#typeid").change(function(){ var id = $(this).val(); cons ...

  9. Android访问服务器&lpar;TOMCAT&rpar;乱码引发的问题

    1.浏览器往服务器发送的请求主要可分为2种:get.post:delete.head等不赘述. GET方式: 从浏览器上直接敲地址,最大特点就是参数直接跟在地址后面. POST方式:表单提交等. 2. ...

  10. Java知多少(103)网络编程之IP地址和InetAddress类

    Java语言的优势之一是Java程序能访问网络资源.Java提供一系列的类支持Java程序访问网络资源. TCP/IP协议和IP地址 为了进行网络通信,通信双方必须遵守通信协议.目前最广泛使用的是TC ...