知乎专栏 | 多维度架构 |
[root@netkiller ~]# gpg --edit-key 70CECE32E5D67D12B95ED1E7F01C0CAEAAA458E6 gpg (GnuPG) 2.2.20; Copyright (C) 2020 Free Software Foundation, Inc. This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Secret key is available. sec rsa2048/F01C0CAEAAA458E6 created: 2021-10-08 expires: 2023-10-08 usage: SC trust: ultimate validity: ultimate ssb rsa2048/EAA2F7FD813D2A2E created: 2021-10-08 expires: 2023-10-08 usage: E [ultimate] (1). Neo Chen <netkiller@msn.com> gpg>
使用 "?" 显示帮助信息
gpg> ? quit quit this menu save save and quit help show this help fpr show key fingerprint grip show the keygrip list list key and user IDs uid select user ID N key select subkey N check check signatures sign sign selected user IDs [* see below for related commands] lsign sign selected user IDs locally tsign sign selected user IDs with a trust signature nrsign sign selected user IDs with a non-revocable signature adduid add a user ID addphoto add a photo ID deluid delete selected user IDs addkey add a subkey addcardkey add a key to a smartcard keytocard move a key to a smartcard bkuptocard move a backup key to a smartcard delkey delete selected subkeys addrevoker add a revocation key delsig delete signatures from the selected user IDs expire change the expiration date for the key or selected subkeys primary flag the selected user ID as primary pref list preferences (expert) showpref list preferences (verbose) setpref set preference list for the selected user IDs keyserver set the preferred keyserver URL for the selected user IDs notation set a notation for the selected user IDs passwd change the passphrase trust change the ownertrust revsig revoke signatures on the selected user IDs revuid revoke selected user IDs revkey revoke key or selected subkeys enable enable key disable disable key showphoto show selected photo IDs clean compact unusable user IDs and remove unusable signatures from key minimize compact unusable user IDs and remove all signatures from key * The 'sign' command may be prefixed with an 'l' for local signatures (lsign), a 't' for trust signatures (tsign), an 'nr' for non-revocable signatures (nrsign), or any combination thereof (ltsign, tnrsign, etc.).
gpg> sign "Neo Chen <netkiller@msn.com>" was already signed by key F01C0CAEAAA458E6 Nothing to sign with key F01C0CAEAAA458E6 gpg> save
当我们使用 GPG 加密文件的时候会提示如下。
gpg: checking the trustdb gpg: no ultimately trusted keys found gpg: EAA2F7FD813D2A2E: There is no assurance this key belongs to the named user sub rsa2048/EAA2F7FD813D2A2E 2021-10-08 Neo Chen <netkiller@msn.com> Primary key fingerprint: 70CE CE32 E5D6 7D12 B95E D1E7 F01C 0CAE AAA4 58E6 Subkey fingerprint: CEFB 98EA 8508 45F8 338B 3898 EAA2 F7FD 813D 2A2E It is NOT certain that the key belongs to the person named in the user ID. If you *really* know what you are doing, you may answer the next question with yes. Use this key anyway? (y/N)
信任公钥
[gitlab-runner@gitlab ~]$ gpg --edit-key netkiller@msn.com gpg (GnuPG) 2.2.20; Copyright (C) 2020 Free Software Foundation, Inc. This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. pub rsa2048/F01C0CAEAAA458E6 created: 2021-10-08 expires: 2023-10-08 usage: SC trust: undefined validity: unknown sub rsa2048/EAA2F7FD813D2A2E created: 2021-10-08 expires: 2023-10-08 usage: E [ unknown] (1). Neo Chen <netkiller@msn.com> gpg> trust pub rsa2048/F01C0CAEAAA458E6 created: 2021-10-08 expires: 2023-10-08 usage: SC trust: undefined validity: unknown sub rsa2048/EAA2F7FD813D2A2E created: 2021-10-08 expires: 2023-10-08 usage: E [ unknown] (1). Neo Chen <netkiller@msn.com> Please decide how far you trust this user to correctly verify other users' keys (by looking at passports, checking fingerprints from different sources, etc.) 1 = I don't know or won't say 2 = I do NOT trust 3 = I trust marginally 4 = I trust fully 5 = I trust ultimately m = back to the main menu Your decision? 5 Do you really want to set this key to ultimate trust? (y/N) y pub rsa2048/F01C0CAEAAA458E6 created: 2021-10-08 expires: 2023-10-08 usage: SC trust: ultimate validity: unknown sub rsa2048/EAA2F7FD813D2A2E created: 2021-10-08 expires: 2023-10-08 usage: E [ unknown] (1). Neo Chen <netkiller@msn.com> Please note that the shown key validity is not necessarily correct unless you restart the program. gpg> save Key not changed so no update needed.
1 = 我不知道或不作答 2 = 我不相信 3 = 我勉强相信 4 = 我完全相信 5 = 我绝对相信 m = 回到主菜单