首页 > 代码库 > GnuPG高级指导(6)在其他电脑上启用“我的密钥”
GnuPG高级指导(6)在其他电脑上启用“我的密钥”
1 其他电脑上的密钥
root@debian8:~# gpg -K
/root/.gnupg/secring.gpg
------------------------
sec 1024D/D04D1A0B 2016-11-25 [expires: 2016-12-09]
uid debian8
ssb 2048g/C1845DA4 2016-11-25
sec 4096R/276856F7 2016-11-25 [expires: 2017-04-24]
uid FranklinYang (Encrypt RSA 4096) <andypeker@163.com>
ssb 4096R/0A09DAC9 2016-11-25
root@debian8:~#
root@debian8:~#
可以删掉“临时”密钥 ------ debian8(或者不删也可以)
root@debian8:~# gpg --delete-secret-key D04D1A0B
gpg (GnuPG) 1.4.18; Copyright (C) 2014 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
sec 1024D/D04D1A0B 2016-11-25 debian8
Delete this key from the keyring? (y/N) y
This is a secret key! - really delete? (y/N) y
root@debian8:~#
root@debian8:~# gpg --delete-key D04D1A0B
gpg (GnuPG) 1.4.18; Copyright (C) 2014 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
pub 1024D/D04D1A0B 2016-11-25 debian8
Delete this key from the keyring? (y/N) y
root@debian8:~#
root@debian8:~# gpg -k
/root/.gnupg/pubring.gpg
------------------------
pub 4096R/276856F7 2016-11-25 [expires: 2017-04-24]
uid FranklinYang (Encrypt RSA 4096) <andypeker@163.com>
sub 4096R/0A09DAC9 2016-11-25 [expires: 2017-04-24]
root@debian8:~# gpg -K
/root/.gnupg/secring.gpg
------------------------
sec# 4096R/276856F7 2016-11-25 [expires: 2017-04-24]
uid FranklinYang (Encrypt RSA 4096) <andypeker@163.com>
ssb 4096R/0A09DAC9 2016-11-25
root@debian8:~#
[root@centos7 ~]#
[root@centos7 ~]# gpg -K
/root/.gnupg/secring.gpg
------------------------
sec# 4096R/276856F7 2016-11-25 [expires: 2017-04-24]
uid FranklinYang (Encrypt RSA 4096) <andypeker@163.com>
ssb 4096R/0A09DAC9 2016-11-25
[root@centos7 ~]# gpg -k
/root/.gnupg/pubring.gpg
------------------------
pub 4096R/276856F7 2016-11-25 [expires: 2017-04-24]
uid FranklinYang (Encrypt RSA 4096) <andypeker@163.com>
sub 4096R/0A09DAC9 2016-11-25 [expires: 2017-04-24]
[root@centos7 ~]#
[root@centos7 ~]#
2 加密在debian8解密
opensuse13:~ #
opensuse13:~ # vi temp_txt.log
opensuse13:~ # cat temp_txt.log
Try
decrypt
on
debian
8
with
new
secret
key
!
opensuse13:~ #
opensuse13:~ #
opensuse13:~ # gpg -u "FranklinYang" -r "FranklinYang" -a -o temp_txt.log.gpg -e temp_txt.log
opensuse13:~ # l temp_txt.log.gpg
-rw-r--r-- 1 root root 969 Nov 26 14:22 temp_txt.log.gpg
opensuse13:~ #
opensuse13:~ #
opensuse13:~ # scp temp_txt.log.gpg franklin@192.168.19.132:/home/franklin/
franklin@192.168.19.132‘s password:
temp_txt.log.gpg 100% 969 1.0KB/s 00:00
opensuse13:~ #
opensuse13:~ #
opensuse13:~ #
(在debian8上解密)
root@debian8:~#
root@debian8:~#
root@debian8:~# gpg -d temp_txt.log.gpg
You need a passphrase to unlock the secret key for
user: "FranklinYang (Encrypt RSA 4096) <andypeker@163.com>"
4096-bit RSA key, ID 0A09DAC9, created 2016-11-25 (main key ID 276856F7)
gpg: encrypted with 4096-bit RSA key, ID 0A09DAC9, created 2016-11-25
"FranklinYang (Encrypt RSA 4096) <andypeker@163.com>"
Try
decrypt
on
debian
8
with
new
secret
key
!
root@debian8:~#
root@debian8:~#
root@debian8:~#
root@debian8:~#
root@debian8:~#
或者,在centos7上加密和签名,发给debian8:
[root@centos7 ~]#
[root@centos7 ~]#
[root@centos7 ~]# cat temp.sig.log
Try
decrypt
on
debian
8
with
new
secret
key
!
encrypt
and
AND signature
on CENTOS7
!
sending
to
DEBIAN8
!
[root@centos7 ~]#
[root@centos7 ~]#
[root@centos7 ~]#
[root@centos7 ~]# gpg -a -o temp.sig.log.sig.CAST5.asc -u "FranklinYang" -r "FranklinYang" -se --cipher-algo CAST5 temp.sig.log
You need a passphrase to unlock the secret key for
user: "FranklinYang (Encrypt RSA 4096) <andypeker@163.com>"
4096-bit RSA key, ID 276856F7, created 2016-11-25
[root@centos7 ~]#
[root@centos7 ~]#
[root@centos7 ~]#
[root@centos7 ~]# l temp.sig.log.sig.CAST5.asc
-rw-r--r--. 1 root root 1835 Nov 26 01:55 temp.sig.log.sig.CAST5.asc
[root@centos7 ~]#
[root@centos7 ~]#
[root@centos7 ~]# scp temp.sig.log.sig.CAST5.asc franklin@debian8:/home/franklin/
franklin@debian8‘s password:
temp.sig.log.sig.CAST5.asc 100% 1835 1.8KB/s 00:00
[root@centos7 ~]#
[root@centos7 ~]#
(在debian8上解密并验证签名)
root@debian8:~#
root@debian8:~#
root@debian8:~# gpg -o temp.sig.log -d temp.sig.log.sig.CAST5.asc
You need a passphrase to unlock the secret key for
user: "FranklinYang (Encrypt RSA 4096) <andypeker@163.com>"
4096-bit RSA key, ID 0A09DAC9, created 2016-11-25 (main key ID 276856F7)
gpg: encrypted with 4096-bit RSA key, ID 0A09DAC9, created 2016-11-25
"FranklinYang (Encrypt RSA 4096) <andypeker@163.com>"
gpg: Signature made Mon 28 Nov 2016 11:25:08 PM CST using RSA key ID 276856F7
gpg: Good signature from "FranklinYang (Encrypt RSA 4096) <andypeker@163.com>"
root@debian8:~#
root@debian8:~#
root@debian8:~# cat temp.sig.log
Try
decrypt
on
debian
8
with
new
secret
key
!
encrypt
and
AND signature
on CENTOS7
!
sending
to
DEBIAN8
!
root@debian8:~#
root@debian8:~#
root@debian8:~#
GnuPG高级指导(6)在其他电脑上启用“我的密钥”