[TOC] > [參考](https://blog.csdn.net/chengqiuming/article/details/83045160) ## 教程 ### 生成密鑰對 ``` gpg --gen-key gpg (GnuPG) 2.0.22; Copyright (C) 2013 Free Software Foundation, Inc. This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. gpg: directory `/root/.gnupg' created gpg: new configuration file `/root/.gnupg/gpg.conf' created gpg: WARNING: options in `/root/.gnupg/gpg.conf' are not yet active during this run gpg: keyring `/root/.gnupg/secring.gpg' created gpg: keyring `/root/.gnupg/pubring.gpg' created Please select what kind of key you want: (1) RSA and RSA (default) (2) DSA and Elgamal (3) DSA (sign only) (4) RSA (sign only) Your selection? 1 #選擇密鑰類型（這里我們選擇加密算法是RSA、數字簽名算法也是RSA） RSA keys may be between 1024 and 4096 bits long. What keysize do you want? (2048) 2048 #設置密鑰的比特數 Requested keysize is 2048 bits Please specify how long the key should be valid. 0 = key does not expire <n> = key expires in n days <n>w = key expires in n weeks <n>m = key expires in n months <n>y = key expires in n years Key is valid for? (0) 1y #設置密鑰有效期（一年） Key expires at Mon 14 Oct 2019 09:51:43 AM CST Is this correct? (y/N) y #確認有效性 GnuPG needs to construct a user ID to identify your key. Real name: cakin #輸入姓名 Email address: 798102175@qq.com #輸入郵箱地址 Comment: cakin #輸入備注 You selected this USER-ID: "cakin (cakin) <798102175@qq.com>" Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O #選擇OK You need a Passphrase to protect your secret key. #口令輸入界面 We need to generate a lot of random bytes. It is a good idea to perform some other action (type on the keyboard, move the mouse, utilize the disks) during the prime generation; this gives the random number generator a better chance to gain enough entropy. We need to generate a lot of random bytes. It is a good idea to perform some other action (type on the keyboard, move the mouse, utilize the disks) during the prime generation; this gives the random number generator a better chance to gain enough entropy. gpg: /root/.gnupg/trustdb.gpg: trustdb created #創建信任網的數據庫 gpg: key F15FE9FE marked as ultimately trusted #自己生成的密鑰將被設置為“絕對信任” public and secret key created and signed. gpg: checking the trustdb gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u gpg: next trustdb check due at 2019-10-14 pub 2048R/F15FE9FE 2018-10-14 [expires: 2019-10-14] #F15FE9F密鑰生成完畢 Key fingerprint = 9B42 B3CC DBA4 B411 ACEA F0F5 08C9 3BF3 F15F E9FE uid cakin (cakin) <798102175@qq.com> sub 2048R/E672385C 2018-10-14 [expires: 2019-10-14] ``` ### 查看剛才生成的公鑰 ``` [root@centos gnupg-2.1.4]# gpg --export --armor E672385C -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v2.0.22 (GNU/Linux) mQENBFvCof4BCACyb/vGxaAqlpT3X/XAkXwV34j7e+KhrBEKdDIjY3Uwc7tmXfcf 0gtyJ+XYGjo/umz9lfD1eCfmqHqXAX4yw6qCqSonb7MforYYVwIcC9MgCY4zJS93 mteKLnJBBdEinylC34EAYKKJ8+nVJ0j8J4AREcFELseqpzbzszKqAcj+ZSif5ov+ sOSaMxKJfFLmxw/7MQ/imL0pko93VQtWdIXVlCIlw9CcWNxkDsR1rOeHlm7nEPTb tjzdto+nZR85J93eAWvJuFc+sQVh6jqtVf8d7/RxbCxLxyXCZITIvCY/G8exDE5c 3kzhV+lHrAnQVXUeLfkR73MaLUlyjmdkgt/XABEBAAG0IGNha2luIChjYWtpbikg PDc5ODEwMjE3NUBxcS5jb20+iQE/BBMBAgApBQJbwqH+AhsDBQkB4TOABwsJCAcD AgEGFQgCCQoLBBYCAwECHgECF4AACgkQCMk78/Ff6f5r2wgAioaYmQx1RRKVTkmQ bL6LmMTpswqqvTn2OwqZZGT2OHf8TqHcJbzemFO+RdRVLDNROspWUYqUAey0Ky3H VXOM1CJrcWh6pXWgL5ZtHieDMulYaeWt9guDrEYt3a9KsnBfQD8f86uxpd55d7Lg xHFADksUNVMK204eVZZ3FrK3cHLBu3vGtwyBQUAT4UTRE8W1a/CJC6259vJd0bc9 8wQ/QIYKLUKuCuF+6+xLucQrcv/0APWsdQQS9UOFGAcW/beNXkUTKazadeulLen0 KyovDVR2YMNrj73iP1bOdfIglCIQVe/3OsA1H1OXnzOO1n5G1Uex+fdZZAnrRkoW CLszNLkBDQRbwqH+AQgAyX8bPz/mDC/gtFZjnhLkvaw35tfkTpTeNHrfZ2GFqLIE C+jqX+2H4YwjXwX6D+eYLGzZxbQ3Mhi44Pf1dMmhD7m75qoALTlyQVmiMy3JqSuf db31r29gcO5oq0RJks8visNTKCSNwDPT7M9Od7EyS6oD9wjOgSYwsAiThqDQGUDB VzeVzVEW6L3DxUGuiPm+WSMEQCQWb3w2yXJTC5GmlB2jyweHh8VMNcoiIfPx95jL 1M/N92BJt8cZsQr1WsT/dprF0NVM33wDpHq5hjFffunB3jntcFH1N23lZ+gQCPs3 jBtua3kXm8aItvQlD3L7y6Ielq96Jbh+JAd0qgcmiwARAQABiQElBBgBAgAPBQJb wqH+AhsMBQkB4TOAAAoJEAjJO/PxX+n+fvcIAK67lctvQSVLu/X836s/RJ2dwrWt VJfjQwi4LP/ww1fsHlQ/RgI8h/wiJRCmzYrsT2cB7jvxVducNqmgg4z9/xAX1Jy9 TKmtk3qllnyeK29DkJN1P6RBTchlRImQAID3w7QEB8dj3sCNlQNgV8oB4YWqVxjE PE+uaQQGa4VBOB40iAr45bfWLVlkuwqYRbI3GZNjsbCQKcfQO1HD8/87zKXHTEUa neVGfQVscSqq4LYDlkDFDfs6r7uckD2w7vi4M3YjG2XH7CwAJDxAE5HUX8EaMxU2 RAHumd1Z9Otqfds38yeHTxTGhCszu3DteYWX6f0kwuZmLfAGUT7Kv/idJBY= =4oaQ -----END PGP PUBLIC KEY BLOCK----- ``` ### 列出密鑰 ``` #list-keys 參數列出系統已有的密鑰 [root@centos gnupg-2.1.4]# gpg --list-keys #顯示公鑰文件名 /root/.gnupg/pubring.gpg #顯示公鑰特征（4096位，Hash字符串和生成時間） pub 2048R/F15FE9FE 2018-10-14 [expires: 2019-10-14] #顯示用戶ID uid cakin (cakin) <798102175@qq.com> #顯示私鑰特征 sub 2048R/E672385C 2018-10-14 [expires: 2019-10-14] ``` ### 將公鑰導入到文件 ``` gpg --armor --output public-key.txt --export cakin ``` 公鑰名為:public-key.txt ### 導出私鑰 ``` gpg --armor --output private-key.txt --export-secret-keys ``` 私鑰名為:private-key.txt