Home PC Games Linux Windows Database Network Programming Server Mobile  
           
  Home \ Linux \ Linux Command study manual - GPG command     - Configuring xdebug debugging environment in Ubuntu 14.04 under the PhpStorm (Linux)

- rsync server set up (Server)

- There are more than one server, there is reason to try cloud operating system (Server)

- Linux firewall iptables beginner tutorial (Linux)

- Those things packaged using Gradle to Android (Programming)

- Oracle to read and modify the data block process (Database)

- How to install Kernel 4.0.2 on CentOS 7 (Linux)

- How to create a new file system / partitions under Linux terminal (Linux)

- Linux argument references and command substitution (Linux)

- Python in yield (Programming)

- Linux password file security issues detailed usage (Linux)

- MySQL Tutorial: Philosophical Reflections on the unauthenticated user (Database)

- Ubuntu install image browser and manager Phototonic 1.6.17 (Linux)

- Modern Objective-C syntax and new features (Programming)

- Upgrading to MySQL 5.7.9 MySQL 5.6.23 (Database)

- How to install Ubuntu applications Device 7 (Linux)

- Analysis of common mistakes when compiling MySQL installation (Database)

- Oracle 11g user rights management study notes (Database)

- Linux system on how to use rsync to synchronize data (Server)

- Use window.name + iframe cross-domain access to data Detailed (Programming)

 
         
  Linux Command study manual - GPG command
     
  Add Date : 2017-08-31      
         
         
         
  [Features]

GPG is a free tool for encryption and digital signatures, mostly used for transmitting encrypted information. In addition to password encryption only outside, GPG biggest difference is the provision of "public / private" right. Use your "public key" people no longer need to tell your encrypted password information, anytime, anywhere to send encrypted messages. And this is a one-way encryption, only your "private key" can unlock the encryption. Digital signature is another big use direction. By signing the certification, to ensure that people can publish messages from you, and has not been modified.

[principle]

Symmetric key encryption algorithms used DES, Triple DES, or IDEA encryption, MD5. Symmetric key encryption communication both hold the same key to decrypt the ciphertext.

Public key encryption application packets and networks have become popular. RSA is actually used for public key encryption, which is the strongest current public key algorithm can get. Public key contains two belong to one of the keys: a public key, which is shared by all; the other is the private key stored in the secret owned by individuals. And symmetric key encryption, public key encryption to encrypt and decrypt using the two keys. A secret, which is the private key is used to decrypt the ciphertext. Ciphertext itself generated by the public key, the public key to encrypt information to be distributed to the person you want to send. How other people get your public key? Easily, you can publish it. You - the owner of the private key, is only able to decrypt the information.

Common digital signature public-key encryption to generate a signature, such as RSA and DSA. Work generating digital signatures and encryption with public key opposite. Information is sent through a hash function. After the hash handling of information with the private key encryption. Once the data is encrypted using the private key, anyone who holds a public key can verify that it is using the private key generation, so that data is validated. Therefore, any person holding a public key can be tested. Here hash function used to generate a digital signature. Hash function (hash function) is an extract information and produce information of a fixed length of the personality traits of mathematical functions. Whether you want information hash method of how big the output are the same length. In short, the information is processed after the hash with the private key is encrypted with the public key to decrypt other people successful recovery (restored to the hash result should be treated?) Who is your encrypted digital signature is verified successfully represented a.

[For example]

** Symmetric encryption and decryption

Here, briefly explain the use of gpg symmetric encryption and decryption, focusing on public key cryptography and digital certificates later.

* Symmetric encryption myfile:

#gpg -c myfile

In this way, you will be prompted to enter the password twice, and then generate an encrypted file myfile myfile.gpg, be careful not to encrypt the directory, you can use the -o option specifies the output file name.

* Decrypt the symmetric encrypted file:

#gpg -o mydecrypt -d myfile.gpg

In this way, you will be prompted to enter the password to decrypt, then enter, it will decrypt the corresponding file, specify declassified documents generated by -o, -d specifies declassified documents.

**

** Public key encryption-related

* Generate a key pair:

[Root @ lv-k ~] # gpg --gen-key

After the input, output, and interactive prompts as follows:

The following is the output and interaction ##################### ######################## ######

gpg (GnuPG) 1.4.5; Copyright (C) 2006 Free Software Foundation, Inc.

This program comes with ABSOLUTELY NO WARRANTY.

This is free software, and you are welcome to redistribute it

under certain conditions. See the file COPYING for details.


gpg: we have created a directory '/root/.gnupg'

gpg: new profile '/root/.gnupg/gpg.conf' has been established

gpg: WARNING: '/root/.gnupg/gpg.conf' in options during the operation is not in use

gpg: key ring '/root/.gnupg/secring.gpg' has been established

gpg: key ring '/root/.gnupg/pubring.gpg' has been established

Please select what kind of key you want to use:

  (1) DSA and ElGamal (default)

  (2) DSA (Signed only)

  (5) RSA (only for signatures)

You choose? [Enter] <==== input

DSA key will be 1024 bits.

ELG-E key length should be between 1024 and 4096.

How much you want to use key sizes? (2048) [Enter] <==== input

The requested key size is 2048

Set this key's expiration date.

        0 = Key never expires

       = key expires in n days

       w = key expires in n weeks

       m = key expires in n months

       y = key expires in n years

Efficiency is the key term? (0) [Enter]

Key never expires

More correct? (Y / n) y <==== input


You need a user ID to identify your key; the software will use real names, notes and e-mail address combination

A user ID, as follows:

    "Heinrich Heine (Der Dichter) < heinrichh@duesseldorf.de>"


Real Name: linux <==== input

E-mail address: quiet_heart000@linux.com <==== input

Note: test <==== input

You set up the user ID:

    "Linux (test) "

Change the name (N), Note (C), e-mail address (E) or OK (O) / Quit (Q)? o <==== input

You need a password to protect your private key.


Please enter your password: <==== input

Please re-enter your password: <==== input

 
We need to generate a lot of random bytes. This time you can do more chores (such as the keyboard, move

Mouse, hard disk read and write and the like), it makes a random number generator a better chance to obtain a sufficient number of entropy.


We need to generate a lot of random bytes. This time you can do more chores (such as the keyboard, move

Mouse, hard disk read and write and the like), it makes a random number generator a better chance to obtain a sufficient number of entropy.


gpg: /root/.gnupg/trustdb.gpg: the establishment of a trust database

gpg: key DDBA2DEA is marked as absolute trust

Public and secret key created and signed.

gpg: Checking for trust database

gpg: 3 parts barely need trust and 1 part of full trust, PGP trust model

gpg: depth: 0 Effectiveness: Signed 1: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u

pub 1024D / DDBA2DEA 2011-06-14

Key fingerprint = 790A 0F2D 6826 61F3 A749 0724 DBB2 C0A5 DDBA 2DEA

uid linux (test)

sub 2048g / 2BBE2C91 2011-06-14

 
##################### Above output and interaction ######################## ######

Here, the first order of a public key encryption key, according to the system here is different, the content may be in English. Need to be input in place, through the "<==== enter" This marks the point it out. If the input information is subject to change, you can put files in ~ / .gnupg directory other than options to delete, and then run the command gpg --gen-key, or use the gpg edit option to put the key under ~ / .gnupg directory .

 
* Check the existing key:

[Root @ lv-k .gnupg] # gpg --list-keys

After input, the output is as follows:

The following is the output and interaction ##################### ######################## ######

/root/.gnupg/pubring.gpg

------------------------

pub 1024D / DDBA2DEA 2011-06-14

uid linux (test)

sub 2048g / 2BBE2C91 2011-06-14

##################### Above output and interaction ######################## ######

Here,

pub (public key) --- public key, ID: DDBA2DEA

sub (private key) --- secret key or private key, ID: 2BBE2C91

If you do not use root operation may be output the following message: "gpg: Warning: using insecure memory!" Warning does not lock memory pages, typically connect to an online operation on security issues, no matter, can make such a change. " # chmod 4755 / usr / bin / gpg ".


* Use the gpg key to encrypt and decrypt files:

Below we have a concrete example to demonstrate public key encryption, private key to decrypt the process. Here encryption / decryption mode using the RSA algorithm, public key and private key are complementary, theoretically unbreakable, no one attempt succeeded. Suppose we have to use the previous method to generate the key pair.

1, first check to be encrypted file as follows:

[Root @ lv-k gpg_test] # ls

mygpgtest

[Root @ lv-k gpg_test] # cat mygpgtest

The following is the output ########################## ##################### ####

hello!

welcome come to here

today is 2011-06-14

##################### Above output ########################## ####

 
2, the public key encryption process

1) Use the following command to encrypt a file:

[Root @ lv-k gpg_test] # gpg -ea -r linux mygpgtest

Here, the key is to use linux created earlier, we can use "gpg --list-keys" We can choose to view the public key used to encrypt. Here option "-e" is actually "--encrypt" represents the encrypted data; "- a" represents the creation ASCII output (this option can not, so the resulting file is not the content of the ASCII, and the file extension is * .gpg ); "- r" specifies the encrypted user id name.


2) to view encrypted files after:

[Root @ lv-k gpg_test] # ls

mygpgtest mygpgtest.asc

[Root @ lv-k gpg_test] # cat mygpgtest.asc

The following is the output ########################## ##################### ####

----- BEGIN PGP MESSAGE -----

Version: GnuPG v1.4.5 (GNU / Linux)

 
hQIOA6PEEmMrviyREAf9HCZ5xIlSppneZ6i7Hquxb7xUjn1q0W5ccVek6x0DxSbH

q55ugy6CmCc / excLC / zblf9qHsNDcZvMV3jjD95gu78NR1lsyDtpG9r5bX / MuPii

KxYc3oOvGNmDUO9F / g3ul9VCu / rsIkQvwxZHaEGXR3G6XH / tmhKZcjNNIxb1qQiq

xE7O0NCXEhp8FpOPozY1MzZ7wv4rXLujTrGl13sNqjSVLgp1mcUzuMRCtenttXpg

q1sXDJ7FXkxQy7UvO8eMmMzPqkFm7KfLYZjkXrYo5ZhG + nfXqs3 / HSuJ1fVe8m4 /

+ PVW1Uw2QtkfJiZVxOj60cV0lcK / P1bJHah5xEtbnQf / fI1jitFIuoJjTkoCNbeO

Sq6Kr0 + LjJMaXmlCeA6kZ7RXLHak / O5aR0BpXJCPUBIEFVnu6dftolO6JPcqMbW +

5oI4NHaJunHz0eTgOuFBsV3EVjYmH7rabV832ikY0MARWRh / b / osUv + Ht9BlUHaY

pLoGPXkLeSsCDo714Z / dufLGUEFcNxx / QAmhWGiKH4MacMvKBVE + 2uzcMAWqnyEW

Oaz0bI893YUtbQbti2rdQgVdHHXjWCmQ2YnMWv4pSBAwK7rPOrtehmdsmiOuit6x

FHvHPldc1o38u0Jg4d0LjCv / rRBdQwasJzr46dwJBOCv5rQ9Rkuul + 6rhFQGns1G

jtJxAZIWwu8ZqD572a3jYVbIl / qBAW + dM3Fnt9NRqFUJVtdrd / AIAFm / OIwlVACF

Cbmjyxqliv / WYxNdJFL + IsHMX2Ury9TT2LMaDXxez6LRPMxJxRZSFhuyoYAqDYKT

NI1LSODDRZ1WYlCOkPXlrSfzyig =

= IN1g

----- END PGP MESSAGE -----

##################### Above output ########################## ####

Here, we can see that generate mygpgtest.asc file after encryption, the contents of which have been encrypted.


3, public key decryption process

1) Use the following command to decrypt:

[Root @ lv-k gpg_test] # gpg -o mydecrypt --decrypt mygpgtest.asc

The following is the output ########################## ##################### ####

You need to enter a password to unlock the user's private key: "linux (test) "

2048 of the ELG-E key, the key number 2BBE2C91, established in 2011-06-14 (the main key number DDBA2DEA)

 
Please enter your password:
You need to enter a password to unlock the user's private key: "linux (test) "

2048 of the ELG-E key, the key number 2BBE2C91, established in 2011-06-14 (the main key number DDBA2DEA)

 
gpg: by the 2048's ELG-E key encryption, key No. 2BBE2C91, Generated on 2011-06-14

      "Linux (test) "

##################### Above output ########################## ####

Here, use -o to specify the output file, specify the use --decrypt be decrypted file. We can see, decryption, we need to enter the password to decrypt the success, and the password is, before we create the password key for time input. Note that here because the generated key, encryption, decryption on a machine, it can be successfully decrypted, if encrypted file after the other to get on top of the machine, it can not be decrypted, and if you want other machines above decryption, we need to export the local private key, sent to the machine to be decrypted, then the private key to decrypt the machines imported just exported, on the line. we will discuss later how to decrypt. If you want someone else and you use this method of communicating encrypted, you need to export your public key issued to others, and then import them to the public, in front of the encrypted using public key encryption method to use this data and send it to you, you push with your own private key to decrypt the original data decrypted, this method is also commonly used public key encryption communication. Later will detail how to export the local public and private keys, as well as how other machine before importing exported above the key.

 
2) Check to decrypt files generated

[Root @ lv-k gpg_test] # ls

mydecrypt mygpgtest mygpgtest.asc

[Root @ lv-k gpg_test] # cat mydecrypt

hello!

welcome come to here

today is 2011-06-14

[Root @ lv-k gpg_test] #

 
* Export (backup) public key:

[Root @ lv-k gpg_test] # gpg -o mypubkey --export DDBA2DEA

As used herein, the format "gpg -o keyfilename --export KeyID", use -o to specify the export file name generation using --export specify the key ID you want to export, if the backup is not KeyID all public key, if the increase -a parameter on the output text format, otherwise the output is a binary format information. Export public key can be published, as long as others import your public key published, you can use the public key to encrypt data and send it to you, then you are on your own private key to decrypt the original data decrypted, which is common method of public key encryption communication.

 
* Export Public Key in text mode:

[Root @ lv-k gpg_test] # gpg -a -o mypubkeyascii --export DDBA2DEA

Mypubkeyascii exported file can view its contents, here follows:

mypubkeyascii

----- BEGIN PGP PUBLIC KEY BLOCK -----

Version: GnuPG v1.4.5 (GNU / Linux)

 
mQGiBE320yYRBACUvTPS5Jxv2xamVudHL // PBhJESyUzHQcGtb / CPzyAkOaNVQ7U

V0DEjd + m61SAv7wwWItn9D3fOjZ09EdGY / 9mHeVEOGLPdB7Seo28UyRtr6vHCrrl

1qHBS6I6jQ / iATDg + 07O9hgDp5eCebI4aNyRGeRARx0t5vKguIF + FEzmIwCghWM8

toTSnP / bC1VePRXEZ9Uw + OkD / 0cYIH2AZIKdbtjQ9J6F7AtgiPqRnjiTL7mOj6Xa

ncjThX9XGH5DUMoqR6Gaq9 / eDtlefMwHCweiqdm1TNnvU / b7qDpw1TjxVLkHHVZk

8F4f8LsSkJNuLiqOwXwOJkuevQZ + Y3quFl3nsOtURSx5nuKkekp4toOWSe3fEFWd

BQN5A / 9Cxj55KWXzzYD8v + z0xiC3HvIWgUp0GTfcjSOfdhs9xtKe33LuGy7hoEt0

TfQpTnz8Il1cbHHYvtmAaaGrwBnBxoYrLrH5WrHx1n34ZdOszYK5p / yKW + g + 0eLt

dv / f4uXEhfPInOk21X5PRGFcyNo3fMVGIHo1S8oiEX4fuEvwWrQqcXVpZXRoZWFy

dCAodGVzdCkgPHF1aWV0X2hlYXJ0MDAwQDEyNi5jb20 + iGAEExECACAFAk320yYC

GwMGCwkIBwMCBBUCCAMEFgIDAQIeAQIXgAAKCRDbssCl3bot6o2bAJ918FqgoPMs

4eIQOWBDVs5sS9hSbgCfTbOggNKPJtCPJq4zr / jaPctE7Qi5Ag0ETfbTLBAIAKUn

cibGAlBwN5nW2NCN52oXWAsIXTDnUP7FmKi8K6B2PO7Bex2e95f44iOyBtLo73KF

vH64Wbl7wGQ0IOnn / AQbivoa9oaBi4 + 2mf9PbGMvo2Nrii8xcvBfvrh8Q7XsRoOH

obKv3inOGvxb0fkdUn1WkyYGtWCIl5aK8b1jUACuB6Sbdxtkeg3DrQp3BZjxgkVa

etgPnj70AtJfTFnn5WSIkBGJq2pbs7E9wNQC7NvIe62DHJj1nsPJg / d9ZdFWnQiW

HO6ik3bjRBLR4Iy82cjVOI2JmiaKVlPktphZ9id5F / a3BlcaOF5wSovE4ssHdZGN

cvk4QPLr0X9G43ZBTmcAAwUH / 07bUjqWu61uIq5XryRK99pTNLlwd1AdsB / HTgFp

UJxSZ7MRbtozvdBPVKFehAzZ13YSjiES0f1L3oGBsEeEhCPyHY + N80R + zuLMeZTx

6kFNLlm / PEFNrnFpqGPEJZ / 1HRyt + hTsfFCFM4nYzhul7s10XKGiHHN1wUMc / ixt

+ Tmk / dD6IA / QnhI1WUMzF2XgJ3Ql4ZmLCSNV7CXPEt044J8ZnuTT + HwO4AX7bfSt

PTpyi7LMD / BVfOikczvf38Bz / IUnXi8x1pjBglZBE7jvkqc + nqe7BYQ / ga27c374

zQDIAmAXcZ0TR35T + ZiyavQHKiRSuAG0q3T2oO74yvb8AgmISQQYEQIACQUCTfbT

LAIbDAAKCRDbssCl3bot6uJ8AJ4h8ShsY6DLjmJjitl + 8iHnh5tZQACeOqHsQXjr

dei6gV8vMB87xwbWe5E =

= Ynen

----- END PGP PUBLIC KEY BLOCK -----

In general, many parts of the public key published online by this text.


* Export (Backup) the private key:

[Root @ lv-k gpg_test] # gpg -o mysubkey --export-secret-keys 2BBE2C91

If you do not KeyID is to back up all the private, -o indicates the output to a file mysubkey if the -a parameter is output in text format, otherwise the output is a binary format information.


* Import the private key:

gpg --import mysubkey

After input, the output is as follows:

The following is the output ########################## ##################### ####

gpg: key DDBA2DEA: private imported

gpg: /home/lv-k/.gnupg/trustdb.gpg: the establishment of a trust database

gpg: key DDBA2DEA: public key "linux (test) " imported

gpg: Total quantity to be processed: 1

gpg: imported: 1

gpg: read private key: 1

gpg: imported private key: 1

##################### Above output ########################## ####

Here, if you import a public key command is the same, but the specified file should be "mypubkey" the. This command is running on another machine, and then import the private key that machine, you can use this private key to decrypt the data. In general we are introducing people to publish the public key, but not import private keys.

Practice found

* After importing the private key, another machine can be used directly corresponding public key encryption, without importing the public key; this additional time that the machine can also export the public key, but there is a line, and the original contents of the public key is not the same machine, but using the public key to encrypt data can also be used to decrypt the original out of the machine.

* After importing the public key, another host can not export the private key, the public key can be exported, exports, and like the original. After using the public key encryption, decryption can not (because there is no private key).

Whether importing a public or private, to see the results after the import can be imported by gpg --list-keys, but you can see from the results that the pair did not import (or private or public) of KeyID.


** Signature verification

Signature verification is the role of plaintext, encrypted file, the key is from the correct sender, not through someone else changes. Signature key pair is used with the same cryptographic operations. Only in the result, different points. It was only in the final document added encrypted authentication information (signature). Once the file has changed, the signature verification error occurs. For example, when we install the Ubuntu software, the first to use pre-saved key (mostly from hkp: //keyserver.ubuntu.com get) source signature verification software, to ensure that we do not even correct secure download servers.

* View previous directories and files are as follows:

[Root @ lv-k gpgtest] # pwd

/ Root / tmpTrans / gpgtest

[Root @ lv-k gpgtest] # ls

mydecrypt

[Root @ lv-k gpgtest] # cat mydecrypt

hello!

welcome come to here

today is 2011-06-14


* Generate a signature, as follows:

[Root @ lv-k gpgtest] # gpg -o mydecrypt.sig -s mydecrypt

The following is the output ########################## ##################### ####

You need to enter a password to unlock the user's private key: "linux (test) "

1024 DSA key, key number DDBA2DEA, established in 2011-06-14


Please enter your password:
##################### Above output ########################## ####

[Root @ lv-k gpgtest] # ls

mydecrypt mydecrypt.sig

Here you can see the generated mydecrypt.sig file (whose contents are garbled), wherein, mydecrypt original file, mydecrypt.sig contains original documents and signatures, is binary, this command will ask you to enter the private key password.


* Generating text format signature

[Root @ lv-k gpgtest] # gpg -o mydecrypt.sig --clearsign mydecrypt

The following is the output ########################## ##################### ####


You need to enter a password to unlock the user's private key: "linux (test) "

1024 DSA key, key number DDBA2DEA, established in 2011-06-14


Please enter your password: < enter your password here ====

##################### Above output ########################## ####

[Root @ lv-k gpgtest] # cat mydecrypt.sig

----- BEGIN PGP SIGNED MESSAGE -----

Hash: SHA1


hello!

welcome come to here

today is 2011-06-14

----- BEGIN PGP SIGNATURE -----

Version: GnuPG v1.4.5 (GNU / Linux)

 
iD8DBQFOCFkQ27LApd26LeoRAvC + AJ9xp1HLT6zup7AZtan5qpQrpQyn1QCfV0Zy

HG + z + / hxfrbs9pzo6ODYDG4 =

= O1 + k

----- END PGP SIGNATURE -----

Here, we can see by the above mydecrypt.sig produced also contains original documents and signatures, the file is a text format, the original files intact. Unlock and signature verification method

 
* Verify the signature:

[Root @ lv-k tmp] # gpg --verify mydecrypt.sig

gpg: on June 27, 2011 Monday 17:58:39 CST signature created using DSA, the key number DDBA2DEA

gpg: Signature intact, from the "linux (test) "

Here, prior to authentication, you must import the file author's public key for signature last separation plus the original file parameters (will be mentioned later).

 
* The signature file recovery

[Root @ lv-k tmp] # gpg -o my --decrypt mydecrypt.sig

gpg: on June 27, 2011 Monday 17:58:39 CST signature created using DSA, the key number DDBA2DEA

gpg: Signature intact, from the "linux (test) "

[Root @ lv-k tmp] # cat my

hello!

welcome come to here

today is 2011-06-14

Here, no password, and generated files my name as the original file.

 
* Signed and encrypted:

[Root @ lv-k gpgtest] # gpg -o mydecrypt.sig -ser linux mydecrypt

The following is the output ########################## ##################### ####


You need to enter a password to unlock the user's private key: "linux (test) "

1024 DSA key, key number DDBA2DEA, established in 2011-06-14

 
Please enter your password:
##################### Above output ########################## ####

Here, the file can not be directly verified by mydecrypt.sig "gpg --verify mydecrypt.sig". But decryption restore files directly when verified, we will discuss later.

 
* Recover encrypted signature file:

[Root @ lv-k gpgtest] # gpg -o my --decrypt mydecrypt.sig

The following is the output ########################## ##################### ####

You need to enter a password to unlock the user's private key: "linux (test) "

2048 of the ELG-E key, the key number 2BBE2C91, established in 2011-06-14 (the main key number DDBA2DEA)


Please enter your password: <==== here to enter your password, enter the following prompt disappear

gpg: by the 2048's ELG-E key encryption, key No. 2BBE2C91, Generated on 2011-06-14

"Linux (test) "

gpg: on June 27, 2011 Monday 18:11:27 CST signature created using DSA, the key number DDBA2DEA

gpg: Signature intact, from the "linux (test) "

##################### Above output ########################## ####

[Root @ lv-k gpgtest] # cat my

hello!

welcome come to here

today is 2011-06-14

Here, after the decryption verification, rather than directly to verify, because they can not by "gpg --verify mydecrypt.sig" directly verify the cryptographic signature file.


* Separate signature:

[Root @ lv-k gpgtest] # gpg -o mydecrypt.sig -ab mydecrypt

The following is the output ########################## ##################### ####


You need to enter a password to unlock the user's private key: "linux (test) "

1024 DSA key, key number DDBA2DEA, established in 2011-06-14

 
Please enter your password: <==== here to enter your password, enter the following prompt disappear

##################### Above output ########################## ####

[Root @ lv-k gpgtest] # cat mydecrypt.sig

----- BEGIN PGP SIGNATURE -----

Version: GnuPG v1.4.5 (GNU / Linux)


iD8DBQBOCZDP27LApd26LeoRArTQAJ9q13 / 4jVvJbg5f83lNnoC1Gq111wCfWRm8

1awHtUl2sN9SWNt0qNoFQHw =

= YSnh

----- END PGP SIGNATURE -----

Here, mydecrypt.sig contains only the signature, signature separation means that the original documents and signatures are separated. b option indicates separate signature detach-sign.


* Separation of signature verification:

[Root @ lv-k gpgtest] # gpg --verify mydecrypt.sig mydecrypt

gpg: on June 28, 2011 Tuesday 16:29:03 CST signature created using DSA, the key number DDBA2DEA

gpg: Signature intact, from the "linux (test) "

Here, and in front of validation in different ways, because the signature and data files are separate, so the verification that the signer file "mydecrypt.sig" must also indicate the appropriate data file "mydecrypt". Since the signatures are separated, there is no need to use "--decrypt" for recovery, if recovery is only then print out the signature information (where "recovery" when not specified in the data file, it will remind you to indicate the location of data files) .


[other]

** EDIT public

The public key can be edited, did not practice here, roughly as follows:

#gpg --edit-key someone

someone is someone else's user id, after input, a command prompt.

> Fpr <=== enter this view represents someone's fingerprint, check the authenticity of information, so that after the signing.

> Sign <=== enter the signed public key, and later use it to encrypt when no warning.

> Check <=== enter this, someone has to check the key signature.

> Quit <=== enter the exit interactive, you may be prompted to save the previous settings.
     
         
         
         
  More:      
 
- Talk about Java EE Learning (Programming)
- How to Install Winusb in Ubuntu 14.04 (Linux)
- Debian 8 (amd64) installation deployment Memcached management tools MemAdmin (Server)
- Linux file permissions chmod chown (Linux)
- How to disable UEFI to install Linux on Win8 (Linux)
- Linux Study of --CentOS create local yum repository (Linux)
- Binary Packages Golang (Linux)
- JDK tools jstat (Linux)
- findmnt- Looking mounted file system (Linux)
- CentOS 6.5 / Linux restart network card being given Determining if ip address x.x.x.x is already in use (Linux)
- Oracle table of nested loop connection (Database)
- Not safe procedure under Linux (Linux)
- Compare Oracle MySQL (ICP) index condition pushdown is described (Database)
- Linux Mint 17 set up the Ruby environment (Linux)
- The ActiveMQ JMS installation and application examples for Linux (Linux)
- Ubuntu is not in the sudoers file problem solving (Linux)
- Oracle partition table data migration, process management automation (Database)
- Generic mechanism C11 standard (Programming)
- An example of troubleshooting of embedded Linux OpenWRT (Linux)
- 14 useful example Linux Sort command (Linux)
     
           
     
  CopyRight 2002-2020 newfreesoft.com, All Rights Reserved.