GnuPG
gpg-agent
gpg-agent --daemon
gpgconf --kill all && gpgconf --launch gpg-agent
SSH 登录
- 开启 ssh 支持
echo enable-ssh-support >> ~/.gnupg/gpg-agent.conf
- 添加环境变量
export SSH_AUTH_SOCK=$(gpgconf --list-dirs agent-ssh-socket)
export GPG_TTY=$(tty)
- 查看 keygrip
gpg --list-keys --with-keygrip
- 添加 sshcontrol
echo [keygrip] >> ~/.gnupg/sshcontrol
常见 Flags 解释
sec => 'SECret key'
ssb => 'Secret SuBkey'
pub => 'PUBlic key'
sub => 'public SUBkey'
'E' = encryption
'S' = signing
'C' = certification
'A' = authentication
A # after the initial tags sec or ssb means that the secret key or subkey is currently not usable. We also say that this key has been taken offline (for example, a primary key can be taken offline by exporting the key using the command --export-secret-subkeys).
A > after these tags indicate that the key is stored on a smartcard. See also --list-keys.
ref: https://www.mankier.com/1/gpg#--list-secret-keys