GPG(GnuPG)入門

GPG(GnuPG)入門

下載:

https://gnupg.org/download/index.html 或者 http://www.hellopp.cn/page/5b9a1405c3f1f7d4116937ef   [看Binary download 部分] Download Note that you may also download the GNU Privacy Guard from a mirror site close to you. See our list of mirrors. The table below provides links to the location of the files on the primary server only. Top of Form   Bottom of Form Source code releases These are the canonical release forms of GnuPG. To use them you need to build the binary version from the provided source code. For Unix systems this is the standard way of installing software. For GNU/Linux distributions are commonly used (e.g. Debian, Fedora, RedHat, or Ubuntu) which may already come with a directly installable packages. However, these version may be older so that building from the source is often also a good choice. Some knowledge on how to compile and install software is required. The table lists the different GnuPG packages, followed by required libraries, required tools, optional software, and legacy versions of GnuPG. For end-of-life dates see further down. Name Version Date Size Tarball Signature GnuPG 2.2.10 2018-08-30 6503k download download Libgpg-error 1.32 2018-07-12 883k download download Libgcrypt 1.8.3 2018-06-13 2919k download download Libksba 1.3.5 2016-08-22 606k download download Libassuan 2.5.1 2017-12-07 551k download download ntbTLS 0.1.2 2017-09-19 334k download download nPth 1.6 2018-07-16 293k download download Pinentry 1.1.0 2017-12-03 456k download download GPGME 1.11.1 2018-04-20 1385k download download GPA 0.9.10 2016-11-19 745k download download GnuPG 1.4 1.4.23 2018-06-11 3661k download download GnuPG distributions are signed. It is wise and more secure to check out for their integrity. Remarks: Pinentry is a collection of passphrase entry dialogs which is required for almost all usages of GnuPG. GPGME is the standard library to access GnuPG functions from programming languages. GPA is a graphical frontend to GnuPG. GnuPG 1.4 is the old, single binary version which still support the unsafe PGP-2 keys. This branch has no dependencies on the above listed libraries or the Pinentry. However, it lacks many modern features and will receive only important updates. GnuPG binary releases In general we do not distribute binary releases but leave that to the common Linux distributions. However, for some operating systems we list pointers to readily installable releases. We cannot guarantee that the versions offered there are current. Note also that some of them apply security patches on top of the standard versions but keep the original version number. OS Where Description Windows Gpg4win Full featured Windows version of GnuPG   download sig Simple installer for the current GnuPG   download sig Simple installer for GnuPG 1.4 OS X Mac GPG Installer from the gpgtools project   GnuPG for OS X Installer for GnuPG Debian Debian site GnuPG is part of Debian RPM rpmfind RPM packages for different OS Android Guardian project Provides a GnuPG framework VMS antinode.info A port of GnuPG 1.4 to OpenVMS RISC OS home page A port of GnuPG to RISC OS End-of-life announcements We announce the end-of-life date for a current stable version at the time a new stable version is released. We maintain old branches for at least two years. For GnuPG 2.2 we consider 2.1.0 as the birth of this new stable branch. For the other packages we don't maintain branches and thus there is no end-of-life; always use the latest version. Package Ver. End-of-life Birth GnuPG 1.0 2002-09-07 1999-09-07   1.2 2005-01-01 2002-09-21   1.4 none (1) 2004-12-16   2.0 2017-12-31 2006-11-11   2.2 tba 2014-11-06 Libgcrypt 1.5 2016-12-31 2011-06-29   1.6 2017-06-30 2013-12-16   1.7 2019-06-30 2016-04-15   1.8 tba 2017-07-18 tba: To be announced. (1): Legacy version; see remarks above.   [下載完Windows版本之後]:   Get started – your next steps: Check integrity of the downloaded Gpg4win installer! Install Gpg4win. Create an OpenPGP key pair with Kleopatra. Sign/encrypt a file and email to yourself for testing. Read more about the public key method (see chapter 1-5 in Gpg4win Compendium). Ask your questions and report your problems to Gpg4win Community. [下載完Windows版本後,會提示是否打開Kleopatra], Kleopatra的幫助文件在這裏]: https://docs.kde.org/stable5/en/pim/kleopatra/index.html

 

Kleopatra是個桌面工具, 應該是用來代替命令行的,

下面看看命令行怎麼用:

What is GPG, and how do I use it to encrypt files on IU's research computing systems? From:  https://kb.iu.edu/d/awio 或者: http://www.hellopp.cn/page/5b99c5311d266bd4494282ea   GNU Privacy Guard (GPG, also GnuPG) is free encryption software that's compliant with the OpenPGP (RFC4880) standard. Using GPG you can encrypt (and decrypt) files that contain sensitive data, such as protected health information (PHI) regulated by the Health Insurance Portability and Accountability Act (HIPAA) privacy and security rules. For more on GPG, see the GNU Privacy Guard website. At Indiana University, GPG is installed as a command-line application in the default user environments on Big Red II, Carbonate, and Karst. To use GPG, you create a unique encryption key, and then use that key to encrypt and decrypt your files. If you need help using GPG on IU's research computing systems, contact the UITS Scientific Applications and Performance Tuning (SciAPT) team. On this page: Creating an encryption key Encrypting a file Decrypting a file Creating an encryption key To create a unique key for encrypting and decrypting files with GPG: Make sure gpg-agent is running; on the command line, enter:   gpg-agent -s --daemon --write-env-file --use-standard-socket You will see something like the following (in which username is your Network ID username and Machine is the name of the system):   GPG_AGENT_INFO=/N/u/username/Machine/.gnupg/S.gpg-agent:22743:1; export GPG_AGENT_INFO;   這是gpg-agent沒有運行的時候作的, 一般安裝完之後會自動運行了,就不用這一步了,執行一下也沒有關係,會給出提示gap-agen已經運行了. On the command line, enter: You will see something like the following (in which username is your Network ID username and Machine is the name of the system):   gpg --gen-key   gpg (GnuPG) 2.0.14; Copyright (C) 2009 Free Software Foundation, Inc.   This is free software: you are free to change and redistribute it.   There is NO WARRANTY, to the extent permitted by law.     gpg: keyring `/N/u/username/Machine/.gnupg/secring.gpg' created   gpg: keyring `/N/u/username/Machine/.gnupg/pubring.gpg' created   Please select what kind of key you want:      (1) RSA and RSA (default)      (2) DSA and Elgamal      (3) DSA (sign only)      (4) RSA (sign only)   Your selection? Enter 1 to select the default key. GPG will prompt you to choose a keysize (in bits). Enter 1024. You will see:   Requested keysize is 1024 bits   Please specify how long the key should be valid.            0 = key does not expire           = key expires in n days         w = key expires in n weeks         m = key expires in n months         y = key expires in n years   Key is valid for? (0) Enter a value to specify how long the key should remain valid (e.g., 2 for two days, 3w for three weeks, 10mfor 10 months, or 0 for no expiration date). GPG will prompt you to confirm the expiration date. If the correct date is displayed, enter y. GPG will prompt for information it will use to construct a user ID to identify your key. At the prompts, enter your name, email address, and a comment. GPG will prompt you to confirm or correct your information. You'll see a prompt something like this: If the information displayed is correct, enter o to accept the user ID. To correct errors or quit the process, enter the appropriate alternative ( n , c , e, or q ). If you accept the user ID, GPG will prompt you to enter and confirm a password. Afterward, GPG will begin generating your key. You'll see:   You selected this USER-ID:       "Full Name (comment) <username@iu.edu>"     Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit?   We need to generate a lot of random bytes. It is a good idea to   perform some other action (type on the keyboard, move the mouse,   utilize the disks) during the prime generation; this gives the   random number generator a better chance to gain enough entropy. This process may take several minutes to complete. When it's finished, you will see something like:   gpg: key 09D2B839 marked as ultimately trusted   public and secret key created and signed.     gpg: checking the trustdb   gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model   gpg: depth: 0  valid:   4  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 4u   gpg: next trustdb check due at <expiration_date>   pub   1024R/09D2B839 2013-06-25 [expires: <expiration_date>]         Key fingerprint = 6AB2 7763 0378 9F7E 6242  77D5 F158 CDE5 09D2 B839   uid                  Full Name (comment) <username@indiana.edu>   sub   1024R/7098E4C2 2013-06-25 [expires: <expiration_date>] You can now use the key (until it expires) to encrypt files in your account (for instructions, see the next section). 我執行2-9步的時候,只要求輸入名字和郵箱, 而後會彈出對話框讓輸入密碼,應該就是所謂的私鑰. 而後就提示文件已經建立成功了以及文件所存的路徑,是一個rev文件,打開會,裏面存的是公鑰.     Back to top Encrypting a file To encrypt a file using a GPG key you created, on the command line, enter (replace user_id with the email address you specified when you created the key and my_file with the name of the file to encrypt):   gpg -e -r user_id my_file GPG will create an encrypted version of the file you specified; the encrypted file will have a .gpg file extension (e.g., my_file.gpg). After confirming the encrypted version has been created, you can delete the original unencrypted file. 這裏輸入的user_id就是建立key的時候輸入的郵箱. 建立出來的加密文件是原有的文件名加上.gpg Back to top Decrypting a file To decrypt a .gpg file (e.g., my_file.gpg), on the command line, enter:   gpg my_file.gpg GPG will prompt you for the password associated with the key you used to encrypt the file. When you enter the correct password, GPG will recreate the original, unencrypted version of the file (e.g., my_file). This process does not delete or alter the encrypted version of the file (my_file.gpg). 執行這個命令的時候會彈出建立key的時候要求你輸入的密碼,這個應該就是所謂的私鑰. Back to top Related documents Useful GPG commands This is document awio in the Knowledge Base.  Last modified on 2017-12-12 15:08:56.