热门关键字:   网站安全  黑客攻防  安全漏洞  系统安全  网络安全
站外
广告
域名申请虚拟主机 信息安全 域名注册 云主机 网络安全技术 企业网络安全 站外
广告
文字广告位招租 文字广告位招租 文字广告位招租 文字广告位招租 云安全

通过GPG加密文件

发布时间:2012-04-11 23:47文章来源:网络文章作者:unknow 点击次数:
摘要:1、生成密钥对:gpg --gen-key 为用户生成新密钥对。需提供:密钥类型(默认为RSA/RSA);密钥长度(以位为单位,越长越强);过期时间(以防密钥损坏);(通常我都是一路回车过去)接下来的还是要填一填的:名称、电子邮箱、标识密钥所有者的注释;密码短...

1、生成密钥对:gpg --gen-key

为用户生成新密钥对。需提供:密钥类型(默认为RSA/RSA);密钥长度(以位为单位,越长越强);过期时间(以防密钥损坏);(通常我都是一路回车过去)接下来的还是要填一填的:名称、电子邮箱、标识密钥所有者的注释;密码短语(必须提供,如果私钥被盗,将无法使用)。

2、列出公钥:gpg --list-keys

列出所拥有的公钥:他们自己的公钥以及从与之通信的其他人那里导入的任何公钥。

3、导出公钥:gpg --export --armor key-id -o file.key

将公钥导出至文件,以便于其他人使用。--armor选项以文本形式显示输出,而非二进制格式。key-id是电子邮箱地址或在--list-keys的pub行中列出的八位十六进制数。

4、导入公钥:gpg --import file.key

从发送给您的密钥文件中导入其他人的公钥

5、加密文件:gpg --encrypt --armor -r key-id file

用key-id的公钥加密消息。如果未提供-r key-id,命令将提示收件人输入。默认输出文件为file.asc.

6、解密文件:gpg --decrypt file

用您的私钥之一解密用公钥加密的消息。



示例:

创建属于您自己的公钥/ 私钥对。

[[email protected] ~]$ gpg --gen-key

gpg (GnuPG) 2.0.14; Copyright (C) 2009 Free Software Foundation, Inc.

This is free software: you are free to change and redistribute it.

There is NO WARRANTY, to the extent permitted by law.

Please select what kind of key you want:

(1) RSA and RSA (default)

(2) DSA and Elgamal

(3) DSA (sign only)

(4) RSA (sign only)

Your selection? Enter

RSA keys may be between 1024 and 4096 bits long.

What keysize do you want? (2048) Enter

Requested keysize is 2048 bits

Please specify how long the key should be valid.

0 = key does not expire

<n> = key expires in n days

<n>w = key expires in n weeks

<n>m = key expires in n months

<n>y = key expires in n years

Key is valid for? (0) Enter

Key does not expire at all

Is this correct? (y/N) y

GnuPG needs to construct a user ID to identify your key.

Real name: shangjx

Email address: [email protected]

Comment: Enter

You selected this USER-ID:

"xiyou<[email protected]>"

Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? o

You need a Passphrase to protect your secret key.

can't connect to `/home/wxh/.gnupg/S.gpg-agent': No such file or directory

gpg-agent[2008]: directory `/home/wxh/.gnupg/private-keys-v1.d' created

(此时会弹出图形应用程序,输入并验证密钥)

We need to generate a lot of random bytes. It is a good idea to perform

some other action (type on the keyboard, move the mouse, utilize the

disks) during the prime generation; this gives the random number

generator a better chance to gain enough entropy.

We need to generate a lot of random bytes. It is a good idea to perform

some other action (type on the keyboard, move the mouse, utilize the

disks) during the prime generation; this gives the random number

generator a better chance to gain enough entropy.

gpg: key CA83F5AF marked as ultimately trusted

public and secret key created and signed.

gpg: checking the trustdb

gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model

gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u

pub 2048R/CA83F5AF 2011-08-15

Key fingerprint = F886 17A2 F832 B545 6E27 B424 E539 26BF CA83 F5AF

uid

xiyou<[email protected]>

sub 2048R/DB58BFCE 2011-08-15

若要导出密钥,请在上面的输出中查找密钥ID 。可以在上面的pub 2048R/ 输出的后面找到。在给示例中

密钥ID 是CA83F5AF 。以下示例将显示使用该密钥ID 的命令。

●导出您的公钥,与合作伙伴共享。

[[email protected] ~]$ gpg -a -o ~/pub.key --export CA83F5AF

●将导出的公钥复制到合作伙伴的server2 上。

[[email protected] ~]$ scp pub.key server2.example.com:~

●导入合作伙伴的公钥。

[[email protected] ~]$ gpg --import pub.key

gpg: directory `/home/wxh/.gnupg' created

gpg: new configuration file `/home/wxh/.gnupg/gpg.conf' created

gpg: WARNING: options in `/home/wxh/.gnupg/gpg.conf' are not yet active during this run

gpg: keyring `/home/wxh/.gnupg/secring.gpg' created

gpg: keyring `/home/wxh/.gnupg/pubring.gpg' created

gpg: /home/wxh/.gnupg/trustdb.gpg: trustdb created

gpg: key CA83F5AF: public key "westos <[email protected]>" imported

gpg: Total number processed: 1

gpg:

imported: 1 (RSA: 1)

●创建一个文本文件,内含供合作伙伴阅读的消息。

[[email protected] ~]$ echo "xi'an university of posts and telecommunications" > encrypt.txt

●用合作伙伴的公钥加密文件。www.2cto.com

[[email protected] ~]$ gpg --encrypt --armor -r CA83F5AF encrypt.txt

gpg: CA83F5AF: There is no assurance this key belongs to the named user

pub 2048R/CA83F5AF 2011-08-15 xiyou <[email protected]>

Primary key fingerprint: 7F44 7AE0 A7C2 6E89 6C68 6FE2 5572 8249 3F7B CEB5

Subkey fingerprint: 8FCB BF3E 2D51 563F 1C3F 2440 FC81 0D73 A353 A3BF

It is NOT certain that the key belongs to the person named

in the user ID. If you *really* know what you are doing,

you may answer the next question with yes.

Use this key anyway? (y/N) y

●将加密文件复制合作伙伴。

[[email protected] ~]$ scp encrypt.txt.asc server1.example.com:~

●解密合作伙伴已加密的文件并验证您可以查看他们所发送的消息。

[[email protected] ~]$ gpg --decrypt encrypt.txt.asc

You need a passphrase to unlock the secret key for

user: "xiyou <[email protected]>"

2048-bit RSA key, ID DB58BFCE, created 2011-08-15 (main key ID CA83F5AF)

can't connect to `/home/wxh/.gnupg/S.gpg-agent': No such file or directory

gpg: encrypted with 2048-bit RSA key, ID DB58BFCE, created 2011-08-15

"xiyou<[email protected]>"

xi'an university of posts and telecommunications

标签分类: GPG加密

上一篇:老Y管理系统18位md5加密算法解密方法
下一篇:ASP破解MSSQL用户密码