我有好幾個電腦,只想用一對金鑰;也就是說我需要把我的私鑰,放到那幾個電腦上。這樣,我就就可以在任意電腦上,解密和簽名以及其他。
使用(臨時)公鑰把私鑰加密,然後傳到我的其他某個電腦,再解密。
root@debian8:~# gpg -k
root@debian8:~# gpg -k
/root/.gnupg/pubring.gpg
------------------------
pub 4096r/276856f7 2016-11-25 [expires: 2017-04-24]
uid franklinyang (encrypt rsa 4096)
sub 4096r/0a09dac9 2016-11-25 [expires: 2017-04-24]
root@debian8:~#
root@debian8:~#
(編輯這個key,並且修改trust)
root@debian8:~# gpg -k
/root/.gnupg/secring.gpg
------------------------
sec 1024d/d04d1a0b 2016-11-25 [expires: 2016-12-09]
uid debian8
ssb 2048g/c1845da4 2016-11-25
root@debian8:~# gpg -k
/root/.gnupg/pubring.gpg
------------------------
pub 4096r/276856f7 2016-11-25 [expires: 2017-04-24]
uid franklinyang (encrypt rsa 4096)
sub 4096r/0a09dac9 2016-11-25 [expires: 2017-04-24]
pub 1024d/d04d1a0b 2016-11-25 [expires: 2016-12-09]
uid debian8
sub 2048g/c1845da4 2016-11-25 [expires: 2016-12-09]
root@debian8:~#
[root@centos7 ~]# gpg -k
[root@centos7 ~]#
[root@centos7 ~]#
[root@centos7 ~]# gpg -k
/root/.gnupg/pubring.gpg
------------------------
pub 4096r/276856f7 2016-11-25 [expires: 2017-04-24]
uid franklinyang (encrypt rsa 4096)
sub 4096r/0a09dac9 2016-11-25 [expires: 2017-04-24]
[root@centos7 ~]#
[root@centos7 ~]#
(編輯這個key,並且修改trust)
[root@centos7 ~]# gpg -k
/root/.gnupg/secring.gpg
------------------------
sec 1024d/28d414a1 2016-11-25 [expires: 2016-12-09]
uid centos7
ssb 2048g/cda873f4 2016-11-25
[root@centos7 ~]# gpg -k
/root/.gnupg/pubring.gpg
------------------------
pub 4096r/276856f7 2016-11-25 [expires: 2017-04-24]
uid franklinyang (encrypt rsa 4096)
sub 4096r/0a09dac9 2016-11-25 [expires: 2017-04-24]
pub 1024d/28d414a1 2016-11-25 [expires: 2016-12-09]
uid centos7
sub 2048g/cda873f4 2016-11-25 [expires: 2016-12-09]
[root@centos7 ~]#
root@debian8:~# gpg -a -o debian8.pub.key --export d04d1a0b
root@debian8:~#
root@debian8:~#
root@debian8:~# l debian8.pub.key
-rw-r--r-- 1 root root 1645 nov 25 23:16 debian8.pub.key
root@debian8:~#
root@debian8:~# scp debian8.pub.key [email protected]:/root/
password:
debian8.pub.key 100% 1645 1.6kb/s 00:00
root@debian8:~#
root@debian8:~#
[root@centos7 ~]# gpg -a -o centos7.pub.key --export 28d414a1
[root@centos7 ~]# ls -l centos7.pub.key
-rw-r--r--. 1 root root 1662 nov 25 23:15 centos7.pub.key
[root@centos7 ~]#
[root@centos7 ~]# scp centos7.pub.key [email protected]:/root/
password:
centos7.pub.key 100% 1662 1.6kb/s 00:00
[root@centos7 ~]#
opensuse13:~ # gpg --import debian8.pub.key
gpg: key d04d1a0b: public key "debian8" imported
gpg: total number processed: 1
gpg: imported: 1
opensuse13:~ # gpg --import centos7.pub.key
gpg: key 28d414a1: public key "centos7" imported
gpg: total number processed: 1
gpg: imported: 1
opensuse13:~ #
(編輯這二個key,並且修改trust)
opensuse13:~ # gpg -k
/root/.gnupg/pubring.gpg
------------------------
pub 4096r/276856f7 2016-11-25 [expires: 2017-04-24]
uid [ultimate] franklinyang (encrypt rsa 4096)
sub 4096r/0a09dac9 2016-11-25 [expires: 2017-04-24]
pub 1024d/d04d1a0b 2016-11-25 [expires: 2016-12-09]
uid [unknown] debian8
sub 2048g/c1845da4 2016-11-25 [expires: 2016-12-09]
pub 1024d/28d414a1 2016-11-25 [expires: 2016-12-09]
uid [unknown] centos7
sub 2048g/cda873f4 2016-11-25 [expires: 2016-12-09]
opensuse13:~ #
整個過程的唯一不安全的地方就在這裡,通過scp分發2個「臨時」公鑰;沒有涉及認證,也沒有簽名!其實可以簽名一下,或者對比指紋fingerprint,達到認證這2個公鑰的效果。
opensuse13:~ # gpg -k
/root/.gnupg/secring.gpg
------------------------
sec 4096r/276856f7 2016-11-25 [expires: 2017-04-24]
uid franklinyang (encrypt rsa 4096)
ssb 4096r/0a09dac9 2016-11-25
opensuse13:~ # gpg -a -o franklinyang.rsa.sec.key --export-secret-keys 276856f7
opensuse13:~ # l franklinyang.rsa.sec.key
-rw-r--r-- 1 root root 3132 nov 25 21:19 franklinyang.rsa.sec.key
opensuse13:~ #
或者:opensuse13:~ #
opensuse13:~ # gpg -o franklinyang.sec.key --export-secret-keys franklinyang
opensuse13:~ #
opensuse13:~ #
js 高階指導
size x large 建立物件的方法 一 臨時物件建立 var object new object object.name zhangsan object.age 123 var object1 object var object2 object alert object1.name 缺點 一次...
WPF快速指導3 資料繫結
wpf快速指導3 資料繫結 本文摘要 1 實體類的繫結 2 實體類集合的繫結及datatemplate 3 自定義的實體類集合,如observabledictionary 4 path的語法 1 實體類的繫結 理解wpf資料繫結,首先需要理解介面inotifycollectionchanged。場景...
技術指導3 rip ospf
dv距離向量 鄰居間共享路由表,路由更新量較小,出環可能性較高,但是有各種防環機制 ls鏈路狀態 鄰居間共享lsa 鏈路狀態通告 共享拓撲資訊,更新量較大,防環 為什麼ospf協議基於lsa收斂?因為每個路由器有了完整的拓撲圖之後,基於最短路徑演算法,生成一棵樹,因為樹狀是無環的,所以為了防環。1,...