用户工具

站点工具


doc:p:pgp

PGP:加密工具

PGP (Pretty Good Privacy) 是一款公钥密码加密工具,它比 GnuPG 体积要小些,FreeBSD 提供了 /usr/ports/security/pgp。对邮件和数据的私密性有要求的用户,可以选择使用 PGP 或者 GnuPG (GPG)。

查看 PGP 的帮助。

IOU@~$ pgp -h
Here's a short summary of commands in PGP 2.6.3i:

Generate new key pair:  pgp -kg    [keybits]
Add key:                pgp -ka     keyfile           [keyring]
Extract key:            pgp -kx[a]  userid   keyfile  [keyring]
View key(s):            pgp -kv[v] [userid]           [keyring]
View fingerprint:       pgp -kvc   [userid]           [keyring]
Check & view in detail: pgp -kc    [userid]           [keyring]
Remove userid or key:   pgp -kr     userid            [keyring]
                        (Repeat for multiple userids on a key)
Edit trust params:      pgp -ke     userid            [keyring]
Add another userid:     pgp -ke     your_userid       [keyring]
Edit passphrase:        pgp -ke     your_userid       [keyring]
Sign a key in pubring:  pgp -ks other_id [-u sign_id] [keyring]
Remove a sig from key:  pgp -krs    userid            [keyring]
Revoke, dis/enable:     pgp -kd     userid            [keyring]

Encrypt:                pgp -e[a]  textfile TO_id [TO_id2 TO_id3...]
Sign:                   pgp -s[a]  textfile                         [-u MY_id]
Sign & encrypt:         pgp -se[a] textfile TO_id [TO_id2 TO_id3...][-u MY_id]
Make detached cert:     pgp -sb[a] [+clearsig=on] mainfile          [-u MY_id]
  (Can do binaries)     (clearsig=on may be set in CONFIG.TXT)
Encrypt with IDEA only: pgp -c     textfile
Decrypt or check sig:   pgp [-d] [-p] cryptogram
                        (-d to keep pgp data, -p for original file name)
Check detached cert:    pgp certfile [mainfile]
                        (If root of filenames are the same omit [mainfile])

Use [a] for ASCII output
Use [-o outfile] to specify an output file
Use [-@ textfile] to specify additional userids when encrypting
Use [-z"pass phrase"] to specify your pass phrase
Use [+batchmode] for errorlevel returns
Use [f] for stream redirection ( pgp -f[ARGS] <infile >outfile )
Use [w] to wipe plaintext file (encryption operations)
Use [m] to force display of plaintext only (no output file)
Use [t] to alter line endings for unix, etc.

用 IDEA 算法加密

要利用 IDEA 算法加密文件 mysecrets.txt,只需键入

IOU@~$ pgp -c mysecrets.txt

系统会让你输入密码,再输入一次。然后,系统让你胡乱敲击键盘(敲击速度自便,敲击内容无所谓),以便于产生随机数。

Pretty Good Privacy(tm) 2.6.3ia - Public-key encryption for the masses.
(c) 1990-96 Philip Zimmermann, Phil's Pretty Good Software. 1996-03-04
International version - not for use in the USA. Does not use RSAREF.
Current time: 2011/12/22 21:49 GMT

You need a pass phrase to encrypt the file. 
Enter pass phrase: 
Enter same pass phrase again: 
We need to generate 128 random bits.  This is done by measuring the
time intervals between your keystrokes.  Please enter some random text
on your keyboard until you hear the beep:
   0 * -Enough, thank you.
Preparing random session key...Just a moment....
Ciphertext file: myserets.txt.pgp

当听到嘟嘟声,停止敲击键盘。PGP 加密 mysecrets.txt 完毕。

解密

若想解密文件 myserets.txt.pgp,只需键入

IOU@~$ pgp -d myserets.txt.pgp 
Pretty Good Privacy(tm) 2.6.3ia - Public-key encryption for the masses.
(c) 1990-96 Philip Zimmermann, Phil's Pretty Good Software. 1996-03-04
International version - not for use in the USA. Does not use RSAREF.
Current time: 2011/12/22 21:57 GMT

File is conventionally encrypted.  
You need a pass phrase to decrypt this file. 
Enter pass phrase: Just a moment....Pass phrase appears good. .
Plaintext filename: myserets.txt
/data/vhosts/wiki-data/pages/doc/p/pgp.txt · 最后更改: 2011/12/23 06:00 由 IOU