GnuPG如何安全地分發私鑰(6)在其餘電腦上啓用「個人密鑰」
1 其餘電腦上的密鑰
root@debian8:~# gpg -Kredis
/root/.gnupg/secring.gpgc#
------------------------centos
sec 1024D/D04D1A0B 2016-11-25 [expires: 2016-12-09]ui
uid debian8this
ssb 2048g/C1845DA4 2016-11-25加密
sec 4096R/276856F7 2016-11-25 [expires: 2017-04-24]centos7
uid FranklinYang (Encrypt RSA 4096) <andypeker@163.com>spa
ssb 4096R/0A09DAC9 2016-11-25ip
root@debian8:~#ci
root@debian8:~#
能夠刪掉「臨時」密鑰 ------ debian8(或者不刪也能夠)
root@debian8:~# gpg --delete-secret-key D04D1A0B
gpg (GnuPG) 1.4.18; Copyright (C) 2014 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
sec 1024D/D04D1A0B 2016-11-25 debian8
Delete this key from the keyring? (y/N) y
This is a secret key! - really delete? (y/N) y
root@debian8:~#
root@debian8:~# gpg --delete-key D04D1A0B
gpg (GnuPG) 1.4.18; Copyright (C) 2014 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
pub 1024D/D04D1A0B 2016-11-25 debian8
Delete this key from the keyring? (y/N) y
root@debian8:~#
root@debian8:~# gpg -k
/root/.gnupg/pubring.gpg
------------------------
pub 4096R/276856F7 2016-11-25 [expires: 2017-04-24]
uid FranklinYang (Encrypt RSA 4096) <andypeker@163.com>
sub 4096R/0A09DAC9 2016-11-25 [expires: 2017-04-24]
root@debian8:~# gpg -K
/root/.gnupg/secring.gpg
------------------------
sec# 4096R/276856F7 2016-11-25 [expires: 2017-04-24]
uid FranklinYang (Encrypt RSA 4096) <andypeker@163.com>
ssb 4096R/0A09DAC9 2016-11-25
root@debian8:~#
和
[root@centos7 ~]#
[root@centos7 ~]# gpg -K
/root/.gnupg/secring.gpg
------------------------
sec# 4096R/276856F7 2016-11-25 [expires: 2017-04-24]
uid FranklinYang (Encrypt RSA 4096) <andypeker@163.com>
ssb 4096R/0A09DAC9 2016-11-25
[root@centos7 ~]# gpg -k
/root/.gnupg/pubring.gpg
------------------------
pub 4096R/276856F7 2016-11-25 [expires: 2017-04-24]
uid FranklinYang (Encrypt RSA 4096) <andypeker@163.com>
sub 4096R/0A09DAC9 2016-11-25 [expires: 2017-04-24]
[root@centos7 ~]#
[root@centos7 ~]#
2 加密在debian8解密
能夠這樣
opensuse13:~ #
opensuse13:~ # vi temp_txt.log
opensuse13:~ # cat temp_txt.log
Try
decrypt
on
debian
8
with
new
secret
key
!
opensuse13:~ #
opensuse13:~ #
opensuse13:~ # gpg -u "FranklinYang" -r "FranklinYang" -a -o temp_txt.log.gpg -e temp_txt.log
opensuse13:~ # l temp_txt.log.gpg
-rw-r--r-- 1 root root 969 Nov 26 14:22 temp_txt.log.gpg
opensuse13:~ #
opensuse13:~ #
opensuse13:~ # scp temp_txt.log.gpg franklin@192.168.19.132:/home/franklin/
franklin@192.168.19.132's password:
temp_txt.log.gpg 100% 969 1.0KB/s 00:00
opensuse13:~ #
opensuse13:~ #
opensuse13:~ #
(在debian8上解密)
root@debian8:~#
root@debian8:~#
root@debian8:~# gpg -d temp_txt.log.gpg
You need a passphrase to unlock the secret key for
user: "FranklinYang (Encrypt RSA 4096) <andypeker@163.com>"
4096-bit RSA key, ID 0A09DAC9, created 2016-11-25 (main key ID 276856F7)
gpg: encrypted with 4096-bit RSA key, ID 0A09DAC9, created 2016-11-25
"FranklinYang (Encrypt RSA 4096) <andypeker@163.com>"
Try
decrypt
on
debian
8
with
new
secret
key
!
root@debian8:~#
root@debian8:~#
root@debian8:~#
root@debian8:~#
root@debian8:~#
或者,在centos7上加密和簽名,發給debian8:
[root@centos7 ~]#
[root@centos7 ~]#
[root@centos7 ~]# cat temp.sig.log
Try
decrypt
on
debian
8
with
new
secret
key
!
encrypt
and
AND signature
on CENTOS7
!
sending
to
DEBIAN8
!
[root@centos7 ~]#
[root@centos7 ~]#
[root@centos7 ~]#
[root@centos7 ~]# gpg -a -o temp.sig.log.sig.CAST5.asc -u "FranklinYang" -r "FranklinYang" -se --cipher-algo CAST5 temp.sig.log
You need a passphrase to unlock the secret key for
user: "FranklinYang (Encrypt RSA 4096) <andypeker@163.com>"
4096-bit RSA key, ID 276856F7, created 2016-11-25
[root@centos7 ~]#
[root@centos7 ~]#
[root@centos7 ~]#
[root@centos7 ~]# l temp.sig.log.sig.CAST5.asc
-rw-r--r--. 1 root root 1835 Nov 26 01:55 temp.sig.log.sig.CAST5.asc
[root@centos7 ~]#
[root@centos7 ~]#
[root@centos7 ~]# scp temp.sig.log.sig.CAST5.asc franklin@debian8:/home/franklin/
franklin@debian8's password:
temp.sig.log.sig.CAST5.asc 100% 1835 1.8KB/s 00:00
[root@centos7 ~]#
[root@centos7 ~]#
(在debian8上解密並驗證簽名)
root@debian8:~#
root@debian8:~#
root@debian8:~# gpg -o temp.sig.log -d temp.sig.log.sig.CAST5.asc
You need a passphrase to unlock the secret key for
user: "FranklinYang (Encrypt RSA 4096) <andypeker@163.com>"
4096-bit RSA key, ID 0A09DAC9, created 2016-11-25 (main key ID 276856F7)
gpg: encrypted with 4096-bit RSA key, ID 0A09DAC9, created 2016-11-25
"FranklinYang (Encrypt RSA 4096) <andypeker@163.com>"
gpg: Signature made Mon 28 Nov 2016 11:25:08 PM CST using RSA key ID 276856F7
gpg: Good signature from "FranklinYang (Encrypt RSA 4096) <andypeker@163.com>"
root@debian8:~#
root@debian8:~#
root@debian8:~# cat temp.sig.log
Try
decrypt
on
debian
8
with
new
secret
key
!
encrypt
and
AND signature
on CENTOS7
!
sending
to
DEBIAN8
!
root@debian8:~#
root@debian8:~#
root@debian8:~#
- 1. GnuPG如何安全地分發私鑰(4)加密分發個人私鑰
- 2. GnuPG如何安全地分發私鑰(5)分發個人私鑰(+簽名)
- 3. GnuPG如何安全地分發私鑰(3)導出私鑰
- 4. GnuPG如何安全地分發私鑰(1)GnuPG的用法
- 5. GnuPG如何安全地分發私鑰(2)上傳/導出分發公鑰
- 6. 密鑰,私鑰,公鑰的區分
- 7. 公鑰加密,私鑰解密;私鑰簽名,公鑰驗籤
- 8. 本地密鑰的安全
- 9. RSA公鑰加密-私鑰解密/私鑰加密-公鑰解密
- 10. openssl公鑰加密私鑰解密 &私鑰加密公鑰解密
- 更多相關文章...
- • XSD 如何使用? - XML Schema 教程
- • ASP.NET MVC - 安全 - ASP.NET 教程
- • Tomcat學習筆記(史上最全tomcat學習筆記)
- • Composer 安裝與使用
-
每一个你不满意的现在,都有一个你没有努力的曾经。
- 1. python的安裝和Hello,World編寫
- 2. 重磅解讀:K8s Cluster Autoscaler模塊及對應華爲雲插件Deep Dive
- 3. 鴻蒙學習筆記2(永不斷更)
- 4. static關鍵字 和構造代碼塊
- 5. JVM筆記
- 6. 無法啓動 C/C++ 語言服務器。IntelliSense 功能將被禁用。錯誤: Missing binary at c:\Users\MSI-NB\.vscode\extensions\ms-vsc
- 7. 【Hive】Hive返回碼狀態含義
- 8. Java樹形結構遞歸(以時間換空間)和非遞歸(以空間換時間)
- 9. 數據預處理---缺失值
- 10. 都要2021年了,現代C++有什麼值得我們學習的?