简介
GNU Privacy Guard(GnuPG或GPG)是一种加密软件,它是PGP加密软件的满足GPL的替代物。GnuPG依照由IETF订定的OpenPGP技术标准设计。GnuPG用于加密、数字签名及产生非对称钥匙对的软件。
2.GPG公钥生成
输入“gpg —gen-key”开始生成
[root@localhost ~]$ gpg --gen-key
gpg (GnuPG) 2.0.22; Copyright (C) 2013 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Please select what kind of key you want:
(1) RSA and RSA (default)
(2) DSA and Elgamal
(3) DSA (sign only)
(4) RSA (sign only)
Your selection? 1
3.询问密钥对位数,这里输入1024
RSA keys may be between 1024 and 4096 bits long.
What keysize do you want? (2048) 1024
4.提示输入密钥的有效期,这里选择不过期‘0’
Please specify how long the key should be valid.
0 = key does not expire
<n> = key expires in n days
<n>w = key expires in n weeks
<n>m = key expires in n months
<n>y = key expires in n years
Key is valid for? (0) 0
5.提示密码将永不过期,输入y
Key does not expire at all
Is this correct? (y/N) y
6.输入密钥对的名称
GnuPG needs to construct a user ID to identify your key.
Real name: test
7.输入邮箱和备注
Real name: test
Email address: test@qq.com
Comment: test
You selected this USER-ID:
"test (test) <test@qq.com>"
8.输入o确认
Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? o
9.这时候会弹出一个提示窗输入密码,自己设置一个密码即可
10.密码设置好了之后,系统会开始生成密钥对
11.查看公钥
gpg --list-key
12.查看私钥
gpg --list-secret-keys
13.导出公钥,默认导入到当前路径,也可以自己设置路径
gpg -a --export test > gongyao.asc
14.将公钥发送给需要文件加密的服务器即可
15.导出私钥,路径同公钥一样
gpg -a --export-secret-keys test > siyao.asc
16.加密文件,本机加密
gpg --encrypt --recipient "test" test.txt
文件加密后会生成一个test.txt.gpg文件,vi打开后显示乱码
17.本机解密
gpg --decrypt test.txt.gpg > test.txt
18.其他服务器加密,先将公钥传至该服务器,再导入公钥
#文件传输可用scp或rsync任意方法这里不做赘述
gpg --import gongyao.asc
19.公钥导入成功后开始加密文件,出现提示输入y即可
gpg --encrypt --recipient "test" test.txt
20.文件解密
gpg --decrypt test.txt.gpg > test.txt
注:如果将加密的文件发送给其他服务器,则需要在接收文件的服务器导入公钥,再执行解密,当执行解密时会提示你输入步骤9设置的密码,密码正确则解密成功