简介
GNU Privacy Guard(GnuPG或GPG)是一种加密软件,它是PGP加密软件的满足GPL的替代物。GnuPG依照由IETF订定的OpenPGP技术标准设计。GnuPG用于加密、数字签名及产生非对称钥匙对的软件。
2.GPG公钥生成
输入“gpg —gen-key”开始生成
[root@localhost ~]$ gpg --gen-key
gpg (GnuPG) 2.0.22; Copyright (C) 2013 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Please select what kind of key you want:
(1) RSA and RSA (default)
(2) DSA and Elgamal
(3) DSA (sign only)
(4) RSA (sign only)
Your selection? 13.询问密钥对位数,这里输入1024
RSA keys may be between 1024 and 4096 bits long.
What keysize do you want? (2048) 10244.提示输入密钥的有效期,这里选择不过期‘0’
Please specify how long the key should be valid.
0 = key does not expire
<n> = key expires in n days
<n>w = key expires in n weeks
<n>m = key expires in n months
<n>y = key expires in n years
Key is valid for? (0) 05.提示密码将永不过期,输入y
Key does not expire at all
Is this correct? (y/N) y6.输入密钥对的名称
GnuPG needs to construct a user ID to identify your key.
Real name: test7.输入邮箱和备注
Real name: test
Email address: test@qq.com
Comment: test
You selected this USER-ID:
"test (test) <test@qq.com>"8.输入o确认
Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? o9.这时候会弹出一个提示窗输入密码,自己设置一个密码即可
10.密码设置好了之后,系统会开始生成密钥对
11.查看公钥
gpg --list-key12.查看私钥
gpg --list-secret-keys13.导出公钥,默认导入到当前路径,也可以自己设置路径
gpg -a --export test > gongyao.asc14.将公钥发送给需要文件加密的服务器即可
15.导出私钥,路径同公钥一样
gpg -a --export-secret-keys test > siyao.asc16.加密文件,本机加密
gpg --encrypt --recipient "test" test.txt
文件加密后会生成一个test.txt.gpg文件,vi打开后显示乱码
17.本机解密
gpg --decrypt test.txt.gpg > test.txt18.其他服务器加密,先将公钥传至该服务器,再导入公钥
#文件传输可用scp或rsync任意方法这里不做赘述
gpg --import gongyao.asc19.公钥导入成功后开始加密文件,出现提示输入y即可
gpg --encrypt --recipient "test" test.txt20.文件解密
gpg --decrypt test.txt.gpg > test.txt注:如果将加密的文件发送给其他服务器,则需要在接收文件的服务器导入公钥,再执行解密,当执行解密时会提示你输入步骤9设置的密码,密码正确则解密成功