如何通过GPG(GnuPG)中的子键(多个子键(e))进行加密

时间:2017-05-02 07:28:21

标签: gnupg

如何通过GPG(GnuPG)中的子键(多个子键(e))进行加密

pub   rsa4096/22E49AB870AD169A 2017-03-09 [SC]
uid                 [ultimate] Jack Wonda <wangjievibeke@foxmail.com>
uid                 [ultimate] 王杰 <jack20130107@qq.com>
sub   rsa4096/D39A707D61F13A26 2017-03-09 [E] [expires: 2020-04-25]
sub   rsa4096/11FAB3E82F75B202 2017-04-24 [S] [expires: 2019-04-24]
sub   rsa4096/B305BA41FD1F7793 2017-04-26 [E] [expires: 2019-04-26]

我有两个用于加密的子密钥,但是现在我只能使用最后一个子密钥(B305BA41FD1F7793)。

例如:

gpg2 -r D39A707D61F13A26 -e doc
File 'doc.gpg' exists. Overwrite? (y/N) y
gpg2 -d doc.gpg
gpg: encrypted with 4096-bit RSA key, ID B305BA41FD1F7793, created 2017-04-26
      "Jack Wonda <wangjievibeke@foxmail.com>"
123456

即使我指定了第一个子键,它仍将转到最后一个子键。

1 个答案:

答案 0 :(得分:1)

您可以通过在其ID上附加感叹号来强制gpg使用特定键。在你的情况下:

gpg2 -r 0xD39A707D61F13A26! -e doc

您甚至可以要求gpg使用两个键进行加密(这样您就可以使用其中一个相关的公钥进行解密):

gpg2 -r 0xD39A707D61F13A26! -r 0xB305BA41FD1F7793! -e doc

根据Arch系统上安装的联机帮助页(奇怪的是,我无法在其他地方找到相同版本的相同版本):

  

如何指定用户ID

     

有多种方法可以为GnuPG指定用户ID。他们中有一些   只对gpg有效,其他只对gpgsm有用。这里是   指定密钥的完整方式列表:

By key Id.
          This format is deduced from the length of  the  string  and  its
          content or 0x prefix. The key Id of an X.509 certificate are the
          low 64 bits of its SHA-1 fingerprint.  The use  of  key  Ids  is
          just  a  shortcut,  for all automated processing the fingerprint
          should be used.

          When using gpg an exclamation mark (!) may be appended to  force
          using  the specified primary or secondary key and not to try and
          calculate which primary or secondary key to use.

          The last four lines of the example give the key ID in their long
          form as internally used by the OpenPGP protocol. You can see the
          long key ID using the option --with-colons.
相关问题
最新问题