1、安装:
yum install gnupg
2、生成密钥:
gpg --gen-key
3、加密:
gpg --recipient [用户ID] --output demo.en.txt --encrypt demo.txt;find demo.en.txt
4、解密:
gpg --passphrase 私钥保护密码 --decrypt demo.en.txt
公钥加密遇到的问题:
[user@webss shell]$ ./gpgEncryptFil
gpg: 51538612BA: There is no assurance this key belongs to the named user
pub 5168G/51538612BA 2016-04-21 XXX
Primary key fingerprint: XXXXX
Subkey fingerprint: XXXX
It is NOT certain that the key belongs to the person named
in the user ID. If you *really* know what you are doing,
you may answer the next question with yes.
Use this key anyway? (y/N)
每次执行需要选择Y/N,这个是因为为设置key可信.
按如下描述设置即可
只要将证书设置为可信就好了,
--no-tty 是参数是不在控制台输出数据,去掉的话也能看到问题 ~~
gpg 需设置key为可信,不然每次都会提示"Use this key anyway? (y/N)"
命令:
gpg --edit-key Todaynic
然后参照:
When importing a public key onto another machine, you may have configure gpg to
trust the key. Otherwise, when you use the key to do encryption, you may
see a prompt like this:
It is NOT certain that the key belongs to the person named
in the user ID. If you *really* know what you are doing,
you may answer the next question with yes.
Use this key anyway? (y/N)
To trust the key, run:
gpg --edit-key NAME
gpg will output some information, and show a line like:
trust: undefined validity: unknown
You will be at a console, and you have to type "trust":
Command> trust
Please decide how far you trust this user to correctly verify other users' keys
(by looking at passports, checking fingerprints from different sources, etc.)
1 = I don't know or won't say
2 = I do NOT trust
3 = I trust marginally
4 = I trust fully
5 = I trust ultimately
m = back to the main menu
Your decision? 5
Do you really want to set this key to ultimate trust? (y/N) y
Type "quit" to quit. If you run gpg --edit-key NAME again, you will
see a line as below, which means the key is now trusted.
trust: ultimate validity: ultimate
gpg> quit