GnuPG高级指导GnuPG的用法

Posted andypeker

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了GnuPG高级指导GnuPG的用法相关的知识,希望对你有一定的参考价值。

1       k与K

可以参考man gpg里的说明:

       -k

 

       --list-public-keys

              List  all  keys from the public keyrings, or just the keys given

              on the command line.

 

              Avoid using the output of this command in scripts or other  pro-

              grams  as  it  is likely to change as GnuPG changes. See --with-

              colons for a  machine-parseable  key  listing  command  that  is

              appropriate for use in scripts and other programs.

 

 

       --list-secret-keys

 

       -K     List  all  keys from the secret keyrings, or just the ones given

              on the command line. A # after the letters sec  means  that  the

              secret  key  is  not  usable (for example, if it was created via

              --export-secret-subkeys).

 

2 生成密钥

opensuse13:~ #

opensuse13:~ # gpg -K

opensuse13:~ # gpg -k

opensuse13:~ # gpg --gen-key

gpg (GnuPG) 2.0.26; Copyright (C) 2013 Free Software Foundation, Inc.

This is free software: you are free to change and redistribute it.

There is NO WARRANTY, to the extent permitted by law.

 

Please select what kind of key you want:

   (1) RSA and RSA (default)

   (2) DSA and Elgamal

   (3) DSA (sign only)

   (4) RSA (sign only)

Your selection?

RSA keys may be between 1024 and 4096 bits long.

What keysize do you want? (2048) 4096

Requested keysize is 4096 bits

Please specify how long the key should be valid.

         0 = key does not expire

      <n>  = key expires in n days

      <n>w = key expires in n weeks

      <n>m = key expires in n months

      <n>y = key expires in n years

Key is valid for? (0) 5m

Key expires at Mon Apr 24 21:17:17 2017 CST

Is this correct? (y/N) y

 

GnuPG needs to construct a user ID to identify your key.

 

Real name: FranklinYang

Email address: [email protected]

Comment: Encrypt RSA 4096

You selected this USER-ID:

    "FranklinYang (Encrypt RSA 4096) <[email protected]>"

 

Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O

You need a Passphrase to protect your secret key.

 

We need to generate a lot of random bytes. It is a good idea to perform

some other action (type on the keyboard, move the mouse, utilize the

disks) during the prime generation; this gives the random number

generator a better chance to gain enough entropy.

We need to generate a lot of random bytes. It is a good idea to perform

some other action (type on the keyboard, move the mouse, utilize the

disks) during the prime generation; this gives the random number

generator a better chance to gain enough entropy.

gpg: key F55B4065 marked as ultimately trusted

public and secret key created and signed.

 

gpg: checking the trustdb

gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model

gpg: depth: 0  valid:   1  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 1u

gpg: next trustdb check due at 2017-04-24

pub   4096R/276856F7 2016-11-25 [expires: 2017-04-24]

      Key fingerprint = 13A2 DD5C 4BB1 13DA 9665  D49B 2055 C017 F55B 4065

uid       [ultimate] FranklinYang (Encrypt RSA 4096) <[email protected]>

sub   4096R/0A09DAC9 2016-11-25 [expires: 2017-04-24]

 

opensuse13:~ #

opensuse13:~ #

opensuse13:~ #

opensuse13:~ # gpg -k

/root/.gnupg/pubring.gpg

------------------------

pub   4096R/276856F7 2016-11-25 [expires: 2017-04-24]

uid       [ultimate] FranklinYang (Encrypt RSA 4096) <[email protected]>

sub   4096R/0A09DAC9 2016-11-25 [expires: 2017-04-24]

 

opensuse13:~ # gpg -K

/root/.gnupg/secring.gpg

------------------------

sec   4096R/276856F7 2016-11-25 [expires: 2017-04-24]

uid                  FranklinYang (Encrypt RSA 4096) <[email protected]>

ssb   4096R/0A09DAC9 2016-11-25

 

opensuse13:~ #

opensuse13:~ #

 

3 公钥和私钥的区别

注意下面这个几个key:

pub sub sec ssb

各有用途!

 

比如下面:

opensuse13b:~ #

opensuse13b:~ # gpg -K

/root/.gnupg/secring.gpg

------------------------

sec   4096R/9DDE7116 2016-11-24 [expires: 2017-05-24]

uid                  suse13b RSA encrypt

ssb   4096R/EC3B4291 2016-11-24

 

sec#  2048R/6EB6C991 2016-11-24 [expires: 2017-02-22]

uid                  virtual RSA Encrypt <[email protected]>

ssb   2048g/E423A188 2016-11-28

 

sec   2048R/EBD97E5C 2016-11-28

uid                  macOSwhyang

ssb   2048R/8EDFDBEC 2016-11-28

ssb   2048g/45FFDAC5 2016-11-28

ssb   2048D/C1CAA280 2016-11-28

 

opensuse13b:~ #

opensuse13b:~ #

 

以上是关于GnuPG高级指导GnuPG的用法的主要内容,如果未能解决你的问题,请参考以下文章

GnuPG高级指导在其他电脑上启用“我的密钥”

GnuPG高级指导导出私钥

GnuPG高级指导加密分发我的私钥

E: gnupg, gnupg2 和 gnupg1 好像没有安装,但是这个操作需要其中一个

GnuPG

gnupg:无法保证此密钥属于指定用户