跳转到主要内容

GnuPG

gpg-agent

gpg-agent --daemon
gpgconf --kill all && gpgconf --launch gpg-agent

SSH 登录

  1. 开启 ssh 支持
echo enable-ssh-support >> ~/.gnupg/gpg-agent.conf
  1. 添加环境变量
export SSH_AUTH_SOCK=$(gpgconf --list-dirs agent-ssh-socket)
export GPG_TTY=$(tty)
  1. 查看 keygrip
gpg --list-keys --with-keygrip
  1. 添加 sshcontrol
echo [keygrip] >> ~/.gnupg/sshcontrol

常见 Flags 解释

sec => 'SECret key'
ssb => 'Secret SuBkey'
pub => 'PUBlic key'
sub => 'public SUBkey'

'E' = encryption
'S' = signing
'C' = certification
'A' = authentication

A # after the initial tags sec or ssb means that the secret key or subkey is currently not usable. We also say that this key has been taken offline (for example, a primary key can be taken offline by exporting the key using the command --export-secret-subkeys).
A > after these tags indicate that the key is stored on a smartcard. See also --list-keys.

ref: https://www.mankier.com/1/gpg#--list-secret-keys

回到顶部