Home | 简体中文 | 繁体中文 | 杂文 | Github | 知乎专栏 | Facebook | Linkedin | Youtube | 打赏(Donations) | About
知乎专栏

160.9. 修改密钥

		
[root@netkiller ~]# gpg --edit-key 70CECE32E5D67D12B95ED1E7F01C0CAEAAA458E6
gpg (GnuPG) 2.2.20; Copyright (C) 2020 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Secret key is available.

sec  rsa2048/F01C0CAEAAA458E6
     created: 2021-10-08  expires: 2023-10-08  usage: SC  
     trust: ultimate      validity: ultimate
ssb  rsa2048/EAA2F7FD813D2A2E
     created: 2021-10-08  expires: 2023-10-08  usage: E   
[ultimate] (1). Neo Chen <netkiller@msn.com>

gpg> 		
		
		

160.9.1. 显示帮助信息

使用 "?" 显示帮助信息

			
gpg> ?
quit        quit this menu
save        save and quit
help        show this help
fpr         show key fingerprint
grip        show the keygrip
list        list key and user IDs
uid         select user ID N
key         select subkey N
check       check signatures
sign        sign selected user IDs [* see below for related commands]
lsign       sign selected user IDs locally
tsign       sign selected user IDs with a trust signature
nrsign      sign selected user IDs with a non-revocable signature
adduid      add a user ID
addphoto    add a photo ID
deluid      delete selected user IDs
addkey      add a subkey
addcardkey  add a key to a smartcard
keytocard   move a key to a smartcard
bkuptocard  move a backup key to a smartcard
delkey      delete selected subkeys
addrevoker  add a revocation key
delsig      delete signatures from the selected user IDs
expire      change the expiration date for the key or selected subkeys
primary     flag the selected user ID as primary
pref        list preferences (expert)
showpref    list preferences (verbose)
setpref     set preference list for the selected user IDs
keyserver   set the preferred keyserver URL for the selected user IDs
notation    set a notation for the selected user IDs
passwd      change the passphrase
trust       change the ownertrust
revsig      revoke signatures on the selected user IDs
revuid      revoke selected user IDs
revkey      revoke key or selected subkeys
enable      enable key
disable     disable key
showphoto   show selected photo IDs
clean       compact unusable user IDs and remove unusable signatures from key
minimize    compact unusable user IDs and remove all signatures from key

* The 'sign' command may be prefixed with an 'l' for local signatures (lsign),
  a 't' for trust signatures (tsign), an 'nr' for non-revocable signatures
  (nrsign), or any combination thereof (ltsign, tnrsign, etc.).

			
			
			

160.9.2. 签名

			
gpg> sign
"Neo Chen <netkiller@msn.com>" was already signed by key F01C0CAEAAA458E6
Nothing to sign with key F01C0CAEAAA458E6

gpg> save			
			
			

160.9.3. 公钥信任配置

当我们使用 GPG 加密文件的时候会提示如下。

			
gpg: checking the trustdb
gpg: no ultimately trusted keys found
gpg: EAA2F7FD813D2A2E: There is no assurance this key belongs to the named user

sub  rsa2048/EAA2F7FD813D2A2E 2021-10-08 Neo Chen <netkiller@msn.com>
 Primary key fingerprint: 70CE CE32 E5D6 7D12 B95E  D1E7 F01C 0CAE AAA4 58E6
      Subkey fingerprint: CEFB 98EA 8508 45F8 338B  3898 EAA2 F7FD 813D 2A2E

It is NOT certain that the key belongs to the person named
in the user ID.  If you *really* know what you are doing,
you may answer the next question with yes.

Use this key anyway? (y/N) 			
			
			

信任公钥

			
[gitlab-runner@gitlab ~]$ gpg --edit-key netkiller@msn.com
gpg (GnuPG) 2.2.20; Copyright (C) 2020 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.


pub  rsa2048/F01C0CAEAAA458E6
     created: 2021-10-08  expires: 2023-10-08  usage: SC  
     trust: undefined     validity: unknown
sub  rsa2048/EAA2F7FD813D2A2E
     created: 2021-10-08  expires: 2023-10-08  usage: E   
[ unknown] (1). Neo Chen <netkiller@msn.com>

gpg> trust
pub  rsa2048/F01C0CAEAAA458E6
     created: 2021-10-08  expires: 2023-10-08  usage: SC  
     trust: undefined     validity: unknown
sub  rsa2048/EAA2F7FD813D2A2E
     created: 2021-10-08  expires: 2023-10-08  usage: E   
[ unknown] (1). Neo Chen <netkiller@msn.com>

Please decide how far you trust this user to correctly verify other users' keys
(by looking at passports, checking fingerprints from different sources, etc.)

  1 = I don't know or won't say
  2 = I do NOT trust
  3 = I trust marginally
  4 = I trust fully
  5 = I trust ultimately
  m = back to the main menu

Your decision? 5
Do you really want to set this key to ultimate trust? (y/N) y

pub  rsa2048/F01C0CAEAAA458E6
     created: 2021-10-08  expires: 2023-10-08  usage: SC  
     trust: ultimate      validity: unknown
sub  rsa2048/EAA2F7FD813D2A2E
     created: 2021-10-08  expires: 2023-10-08  usage: E   
[ unknown] (1). Neo Chen <netkiller@msn.com>
Please note that the shown key validity is not necessarily correct
unless you restart the program.

gpg> save
Key not changed so no update needed.			
			
			

			
  1 = 我不知道或不作答
  2 = 我不相信
  3 = 我勉强相信
  4 = 我完全相信
  5 = 我绝对相信
  m = 回到主菜单