1.在Ubuntu Linux 下,用GPG命令就可以实现文件的加密和解密,而且GPG基本上每个发行版都会预装;
2.生成gpg新密钥;[root@php-desktop]:~# gpg --gen-key
3.Please select what kind of key you want:
(1) DSA and Elgamal (default)
(2) DSA (sign only)
(5) RSA (sign only)
Your selection? 1
4.What keysize do you want? (2048) 2048
5.Please specify how long the key should be valid.
0 = key does not expire
= key expires in n days
w = key expires in n weeks
m = key expires in n months
y = key expires in n years
Key is valid for? (0) 0
6.Key does not expire at all
Is this correct? (y/N) y
7.Real name: ubuntutest
Email address: : ubuntutest
You selected this USER-ID:
"ubuntutest (ubuntutest) <>"
Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit?o
8.输入两次密码;
9.当提示说Not enough random bytes available. Please do some other work to give
the OS a chance to collect more entropy! (Need 280 more bytes)的时候,最好的办法是打包一个根目录,比如:[root@php-desktop]:~# tar -zvcf usr.tar.gz usr/ 当提示public and secret key created and signed.说明gpg已经生成,我们这时可以手动停止打包的操作了;
10.导出公钥提供给节点 [root@php-desktop]:~# gpg --export ubuntutest > ubuntutest.key 这里的ubuntutest.key就是公钥
11.将ubuntutest.key拷贝到节点,然后使用[root@php-desktop]:~# gpg --import ubuntutest.key导入公钥,这样节点就可以使用这个公钥对文件进行加密跟中心进行安全通讯了;
12.节点的密钥生成和中心一样,重复上述的步骤即可;
13.gpg --gen-key 开始生产密钥
14.gpg -o name.gpg -a --export name导出name的公钥
15.gpg --import someone.gpg导入someone的公钥
16.gpg -o doc.gpg -er name doc用name公钥对文件doc加密,生成doc.gpg文件
17.gpg --batch --passphrase antiy123 -o test.txt -d test.gpg用antiy123解密test.gpg文件,生成test.txt文件
18.gpg --delete-keys删除密钥
19.gpg --delete-secret-keys 删除私钥
20.gpg --edit-key B4210001 修改密钥的可信度输入trust 选择5 save保存退出
21.切换到普通用户重复20步骤
阅读(2248) | 评论(0) | 转发(0) |