WombatWiki

Користувальницькі налаштування

Налаштування сайту

Відвідано: openwrt
gpg

Розбіжності

Тут показані розбіжності між вибраною ревізією та поточною версією сторінки.

Посилання на цей список змін

Порівняння попередніх версійПопередня ревізія
Наступна ревізія		Попередня ревізія
gpg [2015/01/18 20:08] wombatgpg [2015/02/07 21:39] (поточний) – [Экспорт открытого ключа] wombat
Рядок 1: Рядок 1:
-Generating a new keypair+====== Генерация ключа ======
  
-The command-line option --gen-key is used to create a new primary keypair.+  gpg --gen-key
  
-alice% gpg --gen-key +<code> 
-gpg (GnuPG) 0.9.4; Copyright (C) 1999 Free Software Foundation, Inc+gpg (GnuPG) 2.0.26; Copyright (C) 2013 Free Software Foundation, Inc. 
-This program comes with ABSOLUTELY NO WARRANTY+This is free softwareyou are free to change and redistribute it. 
-This is free software, and you are welcome to redistribute it +There is NO WARRANTY, to the extent permitted by law.
-under certain conditions. See the file COPYING for details.+
  
 Please select what kind of key you want: Please select what kind of key you want:
-   (1) DSA and ElGamal (default) +   (1) RSA and RSA (default) 
-   (2) DSA (sign only) +   (2) DSA and Elgamal 
-   (4) ElGamal (sign and encrypt)+   (3) DSA (sign only) 
 +   (4) RSA (sign only)
 Your selection? Your selection?
 +</code>
 GnuPG is able to create several different types of keypairs, but a primary key must be capable of making signatures. There are therefore only three options. Option 1 actually creates two keypairs. A DSA keypair is the primary keypair usable only for making signatures. An ElGamal subordinate keypair is also created for encryption. Option 2 is similar but creates only a DSA keypair. Option 4[1] creates a single ElGamal keypair usable for both making signatures and performing encryption. In all cases it is possible to later add additional subkeys for encryption and signing. For most users the default option is fine. GnuPG is able to create several different types of keypairs, but a primary key must be capable of making signatures. There are therefore only three options. Option 1 actually creates two keypairs. A DSA keypair is the primary keypair usable only for making signatures. An ElGamal subordinate keypair is also created for encryption. Option 2 is similar but creates only a DSA keypair. Option 4[1] creates a single ElGamal keypair usable for both making signatures and performing encryption. In all cases it is possible to later add additional subkeys for encryption and signing. For most users the default option is fine.
 You must also choose a key size. The size of a DSA key must be between 512 and 1024 bits, and an ElGamal key may be of any size. GnuPG, however, requires that keys be no smaller than 768 bits. Therefore, if Option 1 was chosen and you choose a keysize larger than 1024 bits, the ElGamal key will have the requested size, but the DSA key will be 1024 bits. You must also choose a key size. The size of a DSA key must be between 512 and 1024 bits, and an ElGamal key may be of any size. GnuPG, however, requires that keys be no smaller than 768 bits. Therefore, if Option 1 was chosen and you choose a keysize larger than 1024 bits, the ElGamal key will have the requested size, but the DSA key will be 1024 bits.
Рядок 50: Рядок 51:
 ------------------------ ------------------------
  
-Exchanging keys+====== Обмен ключами ======
  
 To communicate with others you must exchange public keys. To list the keys on your public keyring use the command-line option --list-keys. To communicate with others you must exchange public keys. To list the keys on your public keyring use the command-line option --list-keys.
Рядок 59: Рядок 60:
 pub  1024D/BB7576AC 1999-06-04 Alice (Judge) <alice@cyb.org> pub  1024D/BB7576AC 1999-06-04 Alice (Judge) <alice@cyb.org>
 sub  1024g/78E9A8FA 1999-06-04 sub  1024g/78E9A8FA 1999-06-04
-Exporting a public key+ 
 +===== Экспорт открытого ключа ===== 
  
 To send your public key to a correspondent you must first export it. The command-line option --export is used to do this. It takes an additional argument identifying the public key to export. As with the --gen-revoke option, either the key ID or any part of the user ID may be used to identify the key to export. To send your public key to a correspondent you must first export it. The command-line option --export is used to do this. It takes an additional argument identifying the public key to export. As with the --gen-revoke option, either the key ID or any part of the user ID may be used to identify the key to export.
  
-alice% gpg --output alice.gpg --export alice@cyb.org+  $ gpg --output alice.gpg --export alice@cyb.org 
 The key is exported in a binary format, but this can be inconvenient when the key is to be sent though email or published on a web page. GnuPG therefore supports a command-line option --armor[2] that causes output to be generated in an ASCII-armored format similar to uuencoded documents. In general, any output from GnuPG, e.g., keys, encrypted documents, and signatures, can be ASCII-armored by adding the --armor option. The key is exported in a binary format, but this can be inconvenient when the key is to be sent though email or published on a web page. GnuPG therefore supports a command-line option --armor[2] that causes output to be generated in an ASCII-armored format similar to uuencoded documents. In general, any output from GnuPG, e.g., keys, encrypted documents, and signatures, can be ASCII-armored by adding the --armor option.
  
-alice% gpg --armor --export alice@cyb.org+  $ gpg --armor --export alice@cyb.org 
 -----BEGIN PGP PUBLIC KEY BLOCK----- -----BEGIN PGP PUBLIC KEY BLOCK-----
 Version: GnuPG v0.9.7 (GNU/Linux) Version: GnuPG v0.9.7 (GNU/Linux)
Рядок 73: Рядок 78:
 [...] [...]
 -----END PGP PUBLIC KEY BLOCK----- -----END PGP PUBLIC KEY BLOCK-----
-Importing a public key+ 
 +===== Импорт открытого ключа =====
  
 A public key may be added to your public keyring with the --import option. A public key may be added to your public keyring with the --import option.
Рядок 123: Рядок 129:
  
 ----------------------- -----------------------
 +
 +====== Шифрование и расшифровка ======
  
  
  
-Encrypting and decrypting documents 
  
 A public and private key each have a specific role when encrypting and decrypting documents. A public key may be thought of as an open safe. When a correspondent encrypts a document using a public key, that document is put in the safe, the safe shut, and the combination lock spun several times. The corresponding private key is the combination that can reopen the safe and retrieve the document. In other words, only the person who holds the private key can recover a document encrypted using the associated public key. A public and private key each have a specific role when encrypting and decrypting documents. A public key may be thought of as an open safe. When a correspondent encrypts a document using a public key, that document is put in the safe, the safe shut, and the combination lock spun several times. The corresponding private key is the combination that can reopen the safe and retrieve the document. In other words, only the person who holds the private key can recover a document encrypted using the associated public key.
gpg.1421611732.txt.bz2 · Востаннє змінено: повз wombat