PGP生成密钥对

一 安装方法

[root@centos gnupg-2.1.4]# yum install gnupg

二 检测安装是否成功

[root@centos gnupg-2.1.4]# gpg --help

如果屏幕显示GPG帮助，就表示安装成功。

三 生成密钥对

1. [root@centos gnupg-2.1.4]# gpg --gen-key
2. gpg (GnuPG) 2.0.22; Copyright (C) 2013 Free Software Foundation, Inc.
3. This is free software: you are free to change and redistribute it.
4. There is NO WARRANTY, to the extent permitted by law.
6. gpg: directory `/root/.gnupg' created
7. gpg: new configuration file `/root/.gnupg/gpg.conf' created
8. gpg: WARNING: options in `/root/.gnupg/gpg.conf' are not yet active during this run
9. gpg: keyring `/root/.gnupg/secring.gpg' created
10. gpg: keyring `/root/.gnupg/pubring.gpg' created
11. Please select what kind of key you want:
12. (1) RSA and RSA (default)
13. (2) DSA and Elgamal
14. (3) DSA (sign only)
15. (4) RSA (sign only)
16. Your selection? 1 #选择密钥类型（这里我们选择加密算法是RSA、数字签名算法也是RSA）
17. RSA keys may be between 1024 and 4096 bits long.
18. What keysize do you want? (2048) 2048 #设置密钥的比特数
19. Requested keysize is 2048 bits
20. Please specify how long the key should be valid.
21. 0 = key does not expire
22. <n> = key expires in n days
23. <n>w = key expires in n weeks
24. <n>m = key expires in n months
25. <n>y = key expires in n years
26. Key is valid for? (0) 1y #设置密钥有效期（一年）
27. Key expires at Mon 14 Oct 2019 09:51:43 AM CST
28. Is this correct? (y/N) y #确认有效性
30. GnuPG needs to construct a user ID to identify your key.
32. Real name: cakin #输入姓名
33. Email address: 798102175@qq.com #输入邮箱地址
34. Comment: cakin #输入备注
35. You selected this USER-ID:
36. "cakin (cakin) <798102175@qq.com>"
38. Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O #选择OK
39. You need a Passphrase to protect your secret key. #口令输入界面
41. We need to generate a lot of random bytes. It is a good idea to perform
42. some other action (type on the keyboard, move the mouse, utilize the
43. disks) during the prime generation; this gives the random number
44. generator a better chance to gain enough entropy.
45. We need to generate a lot of random bytes. It is a good idea to perform
46. some other action (type on the keyboard, move the mouse, utilize the
47. disks) during the prime generation; this gives the random number
48. generator a better chance to gain enough entropy.
49. gpg: /root/.gnupg/trustdb.gpg: trustdb created #创建信任网的数据库
50. gpg: key F15FE9FE marked as ultimately trusted #自己生成的密钥将被设置为“绝对信任”
51. public and secret key created and signed.
53. gpg: checking the trustdb
54. gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
55. gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u
56. gpg: next trustdb check due at 2019-10-14
57. pub 2048R/F15FE9FE 2018-10-14 [expires: 2019-10-14] #F15FE9F密钥生成完毕
58. Key fingerprint = 9B42 B3CC DBA4 B411 ACEA F0F5 08C9 3BF3 F15F E9FE
59. uid cakin (cakin) <798102175@qq.com>
60. sub 2048R/E672385C 2018-10-14 [expires: 2019-10-14]

四 查看刚才生成的公钥

1. [root@centos gnupg-2.1.4]# gpg --export --armor E672385C
2. -----BEGIN PGP PUBLIC KEY BLOCK-----
3. Version: GnuPG v2.0.22 (GNU/Linux)
5. mQENBFvCof4BCACyb/vGxaAqlpT3X/XAkXwV34j7e+KhrBEKdDIjY3Uwc7tmXfcf
6. 0gtyJ+XYGjo/umz9lfD1eCfmqHqXAX4yw6qCqSonb7MforYYVwIcC9MgCY4zJS93
7. mteKLnJBBdEinylC34EAYKKJ8+nVJ0j8J4AREcFELseqpzbzszKqAcj+ZSif5ov+
8. sOSaMxKJfFLmxw/7MQ/imL0pko93VQtWdIXVlCIlw9CcWNxkDsR1rOeHlm7nEPTb
9. tjzdto+nZR85J93eAWvJuFc+sQVh6jqtVf8d7/RxbCxLxyXCZITIvCY/G8exDE5c
10. 3kzhV+lHrAnQVXUeLfkR73MaLUlyjmdkgt/XABEBAAG0IGNha2luIChjYWtpbikg
11. PDc5ODEwMjE3NUBxcS5jb20+iQE/BBMBAgApBQJbwqH+AhsDBQkB4TOABwsJCAcD
12. AgEGFQgCCQoLBBYCAwECHgECF4AACgkQCMk78/Ff6f5r2wgAioaYmQx1RRKVTkmQ
13. bL6LmMTpswqqvTn2OwqZZGT2OHf8TqHcJbzemFO+RdRVLDNROspWUYqUAey0Ky3H
14. VXOM1CJrcWh6pXWgL5ZtHieDMulYaeWt9guDrEYt3a9KsnBfQD8f86uxpd55d7Lg
15. xHFADksUNVMK204eVZZ3FrK3cHLBu3vGtwyBQUAT4UTRE8W1a/CJC6259vJd0bc9
16. 8wQ/QIYKLUKuCuF+6+xLucQrcv/0APWsdQQS9UOFGAcW/beNXkUTKazadeulLen0
17. KyovDVR2YMNrj73iP1bOdfIglCIQVe/3OsA1H1OXnzOO1n5G1Uex+fdZZAnrRkoW
18. CLszNLkBDQRbwqH+AQgAyX8bPz/mDC/gtFZjnhLkvaw35tfkTpTeNHrfZ2GFqLIE
19. C+jqX+2H4YwjXwX6D+eYLGzZxbQ3Mhi44Pf1dMmhD7m75qoALTlyQVmiMy3JqSuf
20. db31r29gcO5oq0RJks8visNTKCSNwDPT7M9Od7EyS6oD9wjOgSYwsAiThqDQGUDB
21. VzeVzVEW6L3DxUGuiPm+WSMEQCQWb3w2yXJTC5GmlB2jyweHh8VMNcoiIfPx95jL
22. 1M/N92BJt8cZsQr1WsT/dprF0NVM33wDpHq5hjFffunB3jntcFH1N23lZ+gQCPs3
23. jBtua3kXm8aItvQlD3L7y6Ielq96Jbh+JAd0qgcmiwARAQABiQElBBgBAgAPBQJb
24. wqH+AhsMBQkB4TOAAAoJEAjJO/PxX+n+fvcIAK67lctvQSVLu/X836s/RJ2dwrWt
25. VJfjQwi4LP/ww1fsHlQ/RgI8h/wiJRCmzYrsT2cB7jvxVducNqmgg4z9/xAX1Jy9
26. TKmtk3qllnyeK29DkJN1P6RBTchlRImQAID3w7QEB8dj3sCNlQNgV8oB4YWqVxjE
27. PE+uaQQGa4VBOB40iAr45bfWLVlkuwqYRbI3GZNjsbCQKcfQO1HD8/87zKXHTEUa
28. neVGfQVscSqq4LYDlkDFDfs6r7uckD2w7vi4M3YjG2XH7CwAJDxAE5HUX8EaMxU2
29. RAHumd1Z9Otqfds38yeHTxTGhCszu3DteYWX6f0kwuZmLfAGUT7Kv/idJBY=
30. =4oaQ
31. -----END PGP PUBLIC KEY BLOCK-----

五 列出密钥

1. #list-keys 参数列出系统已有的密钥
2. [root@centos gnupg-2.1.4]# gpg --list-keys
3. #显示公钥文件名
4. /root/.gnupg/pubring.gpg
5. #显示公钥特征（4096位，Hash字符串和生成时间）
6. pub 2048R/F15FE9FE 2018-10-14 [expires: 2019-10-14]
7. #显示用户ID
8. uid cakin (cakin) <798102175@qq.com>
9. #显示私钥特征
10. sub 2048R/E672385C 2018-10-14 [expires: 2019-10-14]

六 将公钥导入到文件

公钥文件（.gnupg/pubring.gpg）以二进制形式储存，armor 参数可以将其转换为 ASCII 码显示。

"用户 ID"指定哪个用户的公钥，output 参数指定输出文件名（public-key.txt）。

1. [root@centos gnupg-2.1.4]# gpg --armor --output public-key.txt --export cakin
2. [root@centos gnupg-2.1.4]# cat public-key.txt
3. -----BEGIN PGP PUBLIC KEY BLOCK-----
4. Version: GnuPG v2.0.22 (GNU/Linux)
6. mQENBFvCof4BCACyb/vGxaAqlpT3X/XAkXwV34j7e+KhrBEKdDIjY3Uwc7tmXfcf
7. 0gtyJ+XYGjo/umz9lfD1eCfmqHqXAX4yw6qCqSonb7MforYYVwIcC9MgCY4zJS93
8. mteKLnJBBdEinylC34EAYKKJ8+nVJ0j8J4AREcFELseqpzbzszKqAcj+ZSif5ov+
9. sOSaMxKJfFLmxw/7MQ/imL0pko93VQtWdIXVlCIlw9CcWNxkDsR1rOeHlm7nEPTb
10. tjzdto+nZR85J93eAWvJuFc+sQVh6jqtVf8d7/RxbCxLxyXCZITIvCY/G8exDE5c
11. 3kzhV+lHrAnQVXUeLfkR73MaLUlyjmdkgt/XABEBAAG0IGNha2luIChjYWtpbikg
12. PDc5ODEwMjE3NUBxcS5jb20+iQE/BBMBAgApBQJbwqH+AhsDBQkB4TOABwsJCAcD
13. AgEGFQgCCQoLBBYCAwECHgECF4AACgkQCMk78/Ff6f5r2wgAioaYmQx1RRKVTkmQ
14. bL6LmMTpswqqvTn2OwqZZGT2OHf8TqHcJbzemFO+RdRVLDNROspWUYqUAey0Ky3H
15. VXOM1CJrcWh6pXWgL5ZtHieDMulYaeWt9guDrEYt3a9KsnBfQD8f86uxpd55d7Lg
16. xHFADksUNVMK204eVZZ3FrK3cHLBu3vGtwyBQUAT4UTRE8W1a/CJC6259vJd0bc9
17. 8wQ/QIYKLUKuCuF+6+xLucQrcv/0APWsdQQS9UOFGAcW/beNXkUTKazadeulLen0
18. KyovDVR2YMNrj73iP1bOdfIglCIQVe/3OsA1H1OXnzOO1n5G1Uex+fdZZAnrRkoW
19. CLszNLkBDQRbwqH+AQgAyX8bPz/mDC/gtFZjnhLkvaw35tfkTpTeNHrfZ2GFqLIE
20. C+jqX+2H4YwjXwX6D+eYLGzZxbQ3Mhi44Pf1dMmhD7m75qoALTlyQVmiMy3JqSuf
21. db31r29gcO5oq0RJks8visNTKCSNwDPT7M9Od7EyS6oD9wjOgSYwsAiThqDQGUDB
22. VzeVzVEW6L3DxUGuiPm+WSMEQCQWb3w2yXJTC5GmlB2jyweHh8VMNcoiIfPx95jL
23. 1M/N92BJt8cZsQr1WsT/dprF0NVM33wDpHq5hjFffunB3jntcFH1N23lZ+gQCPs3
24. jBtua3kXm8aItvQlD3L7y6Ielq96Jbh+JAd0qgcmiwARAQABiQElBBgBAgAPBQJb
25. wqH+AhsMBQkB4TOAAAoJEAjJO/PxX+n+fvcIAK67lctvQSVLu/X836s/RJ2dwrWt
26. VJfjQwi4LP/ww1fsHlQ/RgI8h/wiJRCmzYrsT2cB7jvxVducNqmgg4z9/xAX1Jy9
27. TKmtk3qllnyeK29DkJN1P6RBTchlRImQAID3w7QEB8dj3sCNlQNgV8oB4YWqVxjE
28. PE+uaQQGa4VBOB40iAr45bfWLVlkuwqYRbI3GZNjsbCQKcfQO1HD8/87zKXHTEUa
29. neVGfQVscSqq4LYDlkDFDfs6r7uckD2w7vi4M3YjG2XH7CwAJDxAE5HUX8EaMxU2
30. RAHumd1Z9Otqfds38yeHTxTGhCszu3DteYWX6f0kwuZmLfAGUT7Kv/idJBY=
31. =4oaQ
32. -----END PGP PUBLIC KEY BLOCK-----

七 导出私钥

export-secret-keys 参数可以转换私钥。

1. [root@centos gnupg-2.1.4]# gpg --armor --output private-key.txt --export-secret-keys
2. [root@centos gnupg-2.1.4]# cat private-key.txt
3. -----BEGIN PGP PRIVATE KEY BLOCK-----
4. Version: GnuPG v2.0.22 (GNU/Linux)
6. lQO+BFvCof4BCACyb/vGxaAqlpT3X/XAkXwV34j7e+KhrBEKdDIjY3Uwc7tmXfcf
7. 0gtyJ+XYGjo/umz9lfD1eCfmqHqXAX4yw6qCqSonb7MforYYVwIcC9MgCY4zJS93
8. mteKLnJBBdEinylC34EAYKKJ8+nVJ0j8J4AREcFELseqpzbzszKqAcj+ZSif5ov+
9. sOSaMxKJfFLmxw/7MQ/imL0pko93VQtWdIXVlCIlw9CcWNxkDsR1rOeHlm7nEPTb
10. tjzdto+nZR85J93eAWvJuFc+sQVh6jqtVf8d7/RxbCxLxyXCZITIvCY/G8exDE5c
11. 3kzhV+lHrAnQVXUeLfkR73MaLUlyjmdkgt/XABEBAAH+AwMCMhtLuW8wbVvjUU4t
12. V8m3nnbO3wvy2Ai7g3154WM54Kcz6L5EOBq3ZvBrd5fsz5o2/elS8YrR4M4evSQy
13. KsdQj/dhWvTH06r/tkse/6kOy/z/KA5PS0RPodsGpzx+fdP27TVDJuNJssrLBxYN
14. wiNLQc38VZhikntmSbStfl5GtmpohuAtsVvaF5I5yH40w2cDUJXe1qUSjRQmHLTm
15. s+xFgXG2PCf99oKGBGYr92lnDwtvcLWJqx0CSUI5ExovmA2d2ptyHUzfLnwhXeF1
16. c3CTVSa9dKilPDx6tukyb69VVtHfHKoxbfkOh+7x6PboKg++HMLnVX4cdg2DLWxb
17. GFU74VEFyVkslJY6vZ5f9d13HOw5HTzguJzm7gSvzzgjlnN9zxWL4GjJiW+X8Pfj
18. +tYKtIEWhpEzXrkIn9wp+TppUCOBaw2gkzozsVckWBbLDPH7dOkQ4lZKO1t8HyJa
19. /eq53JAOd6tq63G/TTefkr8Yt5G3ycEfwU9giJnKbP54W5aXZmIUsnpAv/6ozBNi
20. Sk3DzB0zhTA3eMmhgnUayl8Y7b3anHhG4k5ajp3E8rnM1K/P+MihS9ytTSUosBna
21. eh3ISROBpXl7iqiIIJqGKFEyfdcy4MNLfGfmdZ0PQoniuGiooflvvHG+9ASqeZrd
22. kVhspQB+ZvIfJ2futy7yaTXvrk86itcowaHL6Slmsv0ji1XfMO8C6Dim8bKRkbJ2
23. Hi/8vhf1yxDY8Kqo2jkEvGGd7pDgBjyjR1EwEHy4fLmjUlgzjQc3ZL2USR7ksPSo
24. t4KBk2yQx/RfcFnmzEbT9AnNCCb+5kfqsMAiv59UboyEIn/547OlVCmfajXRTYey
25. 0v/4L377XUM/PWqeEu2k7ZdySjM6PAGiFEjT78aI0WsTKPFGTB6Zq5yZ273TC8GK
26. WrQgY2FraW4gKGNha2luKSA8Nzk4MTAyMTc1QHFxLmNvbT6JAT8EEwECACkFAlvC
27. of4CGwMFCQHhM4AHCwkIBwMCAQYVCAIJCgsEFgIDAQIeAQIXgAAKCRAIyTvz8V/p
28. /mvbCACKhpiZDHVFEpVOSZBsvouYxOmzCqq9OfY7CplkZPY4d/xOodwlvN6YU75F
29. 1FUsM1E6ylZRipQB7LQrLcdVc4zUImtxaHqldaAvlm0eJ4My6Vhp5a32C4OsRi3d
30. r0qycF9APx/zq7Gl3nl3suDEcUAOSxQ1UwrbTh5VlncWsrdwcsG7e8a3DIFBQBPh
31. RNETxbVr8IkLrbn28l3Rtz3zBD9AhgotQq4K4X7r7Eu5xCty//QA9ax1BBL1Q4UY
32. Bxb9t41eRRMprNp166Ut6fQrKi8NVHZgw2uPveI/Vs518iCUIhBV7/c6wDUfU5ef
33. M47WfkbVR7H591lkCetGShYIuzM0nQO+BFvCof4BCADJfxs/P+YML+C0VmOeEuS9
34. rDfm1+ROlN40et9nYYWosgQL6Opf7YfhjCNfBfoP55gsbNnFtDcyGLjg9/V0yaEP
35. ubvmqgAtOXJBWaIzLcmpK591vfWvb2Bw7mirREmSzy+Kw1MoJI3AM9Psz053sTJL
36. qgP3CM6BJjCwCJOGoNAZQMFXN5XNURbovcPFQa6I+b5ZIwRAJBZvfDbJclMLkaaU
37. HaPLB4eHxUw1yiIh8/H3mMvUz833YEm3xxmxCvVaxP92msXQ1UzffAOkermGMV9+
38. 6cHeOe1wUfU3beVn6BAI+zeMG25reRebxoi29CUPcvvLoh6Wr3oluH4kB3SqByaL
39. ABEBAAH+AwMCMhtLuW8wbVvj5lwljMP4sXALZ0W1XNtifVxPCF2GpSaPLQ89GtDr
40. Qh4jgrF7p5EJ4VX1bQEoGjKe5l1HlqRXZ7HZstuRV5ftARPfRRY2bW9UcBVjnfkF
41. HPcSyjiq/UmDzUyqO3H1VFO1aNeuLZt9di2BUXArSh9YDwpUq46gbq+RDcJ+R88f
42. iOibGVx22LR0ylxbmmuc4le7e/o69asvuQAopg5tgNSWRRY8g2SbyOFX5+C3VIZR
43. 8f3kWU6Es2iCjta5iHIeWSCH16jqofoRtAUAG/jX8Ys1GtEn5e6P0S8L5GfDpVFK
44. +WLObJuJhstSEy2OMO/r23brQ076LOjbbloMKpK3tKbOO3wdvtQLOqIlrYcyq9x9
45. RXOal0KkEAdqbPCRbQAc5KWatr9GdJm1D59kHqrbDxpEKPryxOK4BNOEpjo+K1X2
46. IWRnfZOq3Owa6L3LDHOUi1a5XLYsXogrtzFY/7TXqWJsQnH9uap+eQ1FYx1Q1wBo
47. /JljTk1PzXKEO4lDZ2WeaccYjRrMpT9CiavRsDKT0pzU8RE59fvur0q3t/MzN1zA
48. oAlJ64XGcYn+h+801EiqxVAc67u2/GlhGwTGj0a4Y8NOrHxOw0I4qdBFIWL2Lr+h
49. WrZodHfLClzHq7OBSA1EdxDnzQhM5kpB88GICaWMLFFHHoIFF/JsA5lvIKrjO4ca
50. PcnL1Vr4pZz3pGANd1Jj39i+FlWvmKMFpVrGakao46gAL6948m+YfuCZGC0W//gT
51. vl9yhsK+NH4WfDVGOUOEhKMpJhVceQ9ShBOId8D7zNJKm8Tr3FFP9S76hB7YAeJ4
52. RdHYktK+TqtS5/3o9ispLbcQDkTYOibxSNYdCai5Cz0vwE6Wz+tYPONZKhe5nA28
53. fTItHI1XwzS7Zdy4rr2ExxM8T+R7cokBJQQYAQIADwUCW8Kh/gIbDAUJAeEzgAAK
54. CRAIyTvz8V/p/n73CACuu5XLb0ElS7v1/N+rP0SdncK1rVSX40MIuCz/8MNX7B5U
55. P0YCPIf8IiUQps2K7E9nAe478VXbnDapoIOM/f8QF9ScvUyprZN6pZZ8nitvQ5CT
56. dT+kQU3IZUSJkACA98O0BAfHY97AjZUDYFfKAeGFqlcYxDxPrmkEBmuFQTgeNIgK
57. +OW31i1ZZLsKmEWyNxmTY7GwkCnH0DtRw/P/O8ylx0xFGp3lRn0FbHEqquC2A5ZA
58. xQ37Oq+7nJA9sO74uDN2Ixtlx+wsACQ8QBOR1F/BGjMVNkQB7pndWfTran3bN/Mn
59. h08UxoQrM7tw7XmFl+n9JMLmZi3wBlE+yr/4nSQW
60. =EWAX
61. -----END PGP PRIVATE KEY BLOCK-----

八 参考