gpg的一些常用操作
(1)列出keys
# gpg --list-keys
/root/.gnupg/pubring.gpg
------------------------
pub 2048R/98681A63 2014-07-15
uid yinye (yinye's key) <hustcat@gmail.com>
sub 2048R/5A1B2B28 2014-07-15
(2)导出public key
这样,别人就可以导入,然后验证你签名的rpm package了。
# gpg --export --armor hustcat@gmail.com > yy.asc
(3)备份private key
# gpg --export-secret-keys --armor hustcat@gmail.com > yy_private.asc
(4)检查rpm包的签名
# rpm -K ceph-deploy-1.5.9-0.noarch.rpm
ceph-deploy-1.5.9-0.noarch.rpm: RSA sha1 ((MD5) PGP) md5 NOT OK (MISSING KEYS: (MD5) PGP#98681a63)
检查rpm包的完整性(下载过程中是否损坏)
# rpm -K --nosignature ceph-deploy-1.5.9-0.noarch.rpm
ceph-deploy-1.5.9-0.noarch.rpm: sha1 md5 OK
(5)导入public key
rpm --import 'https://ceph.com/git/?p=ceph.git;a=blob_plain;f=keys/autobuild.asc'
(6)列出public key
# rpm -qa gpg-pubkey*
gpg-pubkey-03c3951a-51149b56
gpg-pubkey-baadae52-49beffa4
gpg-pubkey-c105b9de-4e0fd3a3
gpg-pubkey-17ed316d-4fb96ee8
gpg-pubkey-0608b895-4bd22942
# rpm -qa gpg-pubkey* --qf "%{name}-%{version}-%{release}-%{summary}\n"
gpg-pubkey-03c3951a-51149b56-gpg(Ceph automated package build (Ceph automated package build) <sage@newdream.net>)
gpg-pubkey-baadae52-49beffa4-gpg(elrepo.org (RPM Signing Key for elrepo.org) <secure@elrepo.org>)
gpg-pubkey-c105b9de-4e0fd3a3-gpg(CentOS-6 Key (CentOS 6 Official Signing Key) <centos-6-key@centos.org>)
gpg-pubkey-17ed316d-4fb96ee8-gpg(Ceph Release Key <sage@newdream.net>)
gpg-pubkey-0608b895-4bd22942-gpg(EPEL (6) <epel@fedoraproject.org>)
(7)查看public key的详细信息
# rpm -qi gpg-pubkey-03c3951a-51149b56
主要参考
作者:YY哥
出处:http://www.cnblogs.com/hustcat/
本文版权归作者和博客园共有,欢迎转载,但未经作者同意必须保留此段声明,且在文章页面明显位置给出原文连接,否则保留追究法律责任的权利。
