https://www.gnupg.org/download/

mac

方式一:推荐

mac

$ brew install gpg pinentry pinentry-mac

$ echo "pinentry-program /usr/local/bin/pinentry-mac" >> ~/.gnupg/gpg-agent.conf

$ killall gpg-agent

如果使用期间发生错误,参考后面的 Inappropriate ioctl for device 配置环境变量。

SourceTree支持:

$ ls -la /usr/local/bin/gpg

lrwxr-xr-x /usr/local/bin/gpg -> ../Cellar/gnupg/2.2.10/bin/gpg

$ ln -s /usr/local/bin/gpg /usr/local/bin/gpg2

在SourceTree的配置界面,点“高级”,更改“GPG程序”路径为 /usr/local/bin。

方式二:

https://gpgtools.org/

下载dmg安装

pc

https://gpg4win.org/download.html

linux (tarball)

$ mkdir ~/gnupg

$ cd ~/gnupg

$ wget https://www.gnupg.org/ftp/gcrypt/gnupg/gnupg-2.2.10.tar.bz2

wget https://www.gnupg.org/ftp/gcrypt/libgpg-error/libgpg-error-1.32.tar.bz2

wget https://www.gnupg.org/ftp/gcrypt/libgcrypt/libgcrypt-1.8.3.tar.bz2

wget https://www.gnupg.org/ftp/gcrypt/libksba/libksba-1.3.5.tar.bz2

wget https://www.gnupg.org/ftp/gcrypt/libassuan/libassuan-2.5.1.tar.bz2

wget https://www.gnupg.org/ftp/gcrypt/ntbtls/ntbtls-0.1.2.tar.bz2

wget https://www.gnupg.org/ftp/gcrypt/npth/npth-1.6.tar.bz2

wget https://www.gnupg.org/ftp/gcrypt/pinentry/pinentry-1.1.0.tar.bz2

// wget https://www.gnupg.org/ftp/gcrypt/gpgme/gpgme-1.11.1.tar.bz2

// wget https://www.gnupg.org/ftp/gcrypt/gpa/gpa-0.9.10.tar.bz2

$ tar xvjf gnupg-2.2.10.tar.bz2

tar xvjf libgpg-error-1.32.tar.bz2

tar xvjf libgcrypt-1.8.3.tar.bz2

tar xvjf libksba-1.3.5.tar.bz2

tar xvjf libassuan-2.5.1.tar.bz2

tar xvjf ntbtls-0.1.2.tar.bz2

tar xvjf npth-1.6.tar.bz2

tar xvjf pinentry-1.1.0.tar.bz2

// tar xvjf gpgme-1.11.1.tar.bz2

// tar xvjf gpa-0.9.10.tar.bz2

// 编译安装GnuPG组件

$ cd libgpg-error-1.32

$ ./configure

$ sudo make && sudo make install

$ cd ../libgcrypt-1.8.3

$ ./configure

$ sudo make && sudo make install

$ cd ../libksba-1.3.5

$ ./configure

$ sudo make && sudo make install

$ cd ../libassuan-2.5.1

$ ./configure

$ sudo make && sudo make install

$ cd ../ntbtls-0.1.2

$ ./configure

$ sudo make && sudo make install

$ cd ../npth-1.6

$ ./configure

$ sudo make && sudo make install

// 编译安装GnuPG

$ cd ../gnupg-2.2.10

$ ./configure

$ sudo make -j8 && sudo make install

$ whereis gpg

gpg: /usr/bin/gpg /usr/local/bin/gpg /usr/share/man/man1/gpg.1.gz

$ /usr/local/bin/gpg --version

/usr/local/bin/gpg: error while loading shared libraries: libgcrypt.so.20: cannot open shared object file: No such file or directory

正常会显示版本信息,如果出现这个错误,先获得libgcrypt.so.20文件的位置,然后加入变量LD_LIBRARY_PATH中:

$ whereis libgcrypt.so.20

libgcrypt.so: /usr/lib/libgcrypt.so.11 /usr/lib64/libgcrypt.so.11 /usr/local/lib/libgcrypt.so.20 /usr/local/lib/libgcrypt.so

$ export LD_LIBRARY_PATH=/usr/local/lib:$LD_LIBRARY_PATH

$ /usr/local/bin/gpg --version

gpg (GnuPG) 2.2.10

libgcrypt 1.8.3

Copyright (C) 2018 Free Software Foundation, Inc.

...

将环境变量添加到启动配置,如.bashrc中

$ echo export LD_LIBRARY_PATH=/usr/local/lib:$LD_LIBRARY_PATH >> ~/.bashrc

同理检查PATH环境变量,使/usr/local/bin在/usr/bin前,然gpg命令直接运行我们编译的版本。

重新进入会话,输入 gpg --version 应该是刚才安装的版本。

必要组件安装:

---

// 用于输入密码保护(必须)

$ cd ../pinentry-1.1.0

$ ./configure

$ sudo make && sudo make install

---

下面两个可选,可能需要修改库的路径,configure才能正确通过。

// GPGME is the standard library to access GnuPG functions from programming languages.

$ cd ../gpgme-1.11.1

$ ./configure

$ sudo make && sudo make install

// GPA is a graphical frontend to GnuPG.

$ cd ../gpa-0.9.10

$ ./configure

$ sudo make && sudo make install

---

最后可删除无用的源文件

$ cd ~

$ sudo rm -rf gnupg

-----------------

使用

-----------------

1. 查看已有的GPG keys

$ gpg --list-secret-keys --keyid-format LONG

2. 创建一个GPG key

$ gpg --full-generate-key

gpg (GnuPG) 2.2.10; Copyright (C) 2018 Free Software Foundation, Inc.

This is free software: you are free to change and redistribute it.

There is NO WARRANTY, to the extent permitted by law.

Please select what kind of key you want:

   (1) RSA and RSA (default)

   (2) DSA and Elgamal

   (3) DSA (sign only)

   (4) RSA (sign only)

Your selection?

RSA keys may be between 1024 and 4096 bits long.

What keysize do you want? (2048)

Requested keysize is 2048 bits

Please specify how long the key should be valid.

         0 = key does not expire

      <n>  = key expires in n days

      <n>w = key expires in n weeks

      <n>m = key expires in n months

      <n>y = key expires in n years

Key is valid for? (0)

Key does not expire at all

Is this correct? (y/N) y

GnuPG needs to construct a user ID to identify your key.

Real name: yourname

Email address: yourname@email.com

Comment: demo

You selected this USER-ID:

    "yourname (demo) <yourname@email.com>"

Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? o

We need to generate a lot of random bytes. It is a good idea to perform

some other action (type on the keyboard, move the mouse, utilize the

disks) during the prime generation; this gives the random number

generator a better chance to gain enough entropy.

We need to generate a lot of random bytes. It is a good idea to perform

some other action (type on the keyboard, move the mouse, utilize the

disks) during the prime generation; this gives the random number

generator a better chance to gain enough entropy.

gpg: key F461FA2D923C3798 marked as ultimately trusted

gpg: revocation certificate stored as '/home/yourname/.gnupg/openpgp-revocs.d/BA4CF1650621335540E42DB5F461FA2D923C3798.rev'

public and secret key created and signed.

pub   rsa2048 2018-09-18 [SC]

      BA4CF1650621335540E42DB5F461FA2D923C3798

uid                      yourname (demo) <yourname@email.com>

sub   rsa2048 2018-09-18 [E]

3. 生成吊销证书

$ gpg --list-secret-keys --keyid-format LONG

/home/yourname/.gnupg/pubring.gpg

------------------------

sec   rsa2048/F461FA2D923C3798 2018-09-18 [SC]

      BA4CF1650621335540E42DB5F461FA2D923C3798

uid                 [ultimate] yourname (demo) <yourname@email.com>

ssb   rsa2048/96E3D9B0C023B825 2018-09-18 [E]

记住sec中算法后面的值,输入在下面

(说明:也可以用邮箱地址替换这个KEY值)

$ gpg --gen-revoke F461FA2D923C3798

4. 导出GPG key

$ gpg --armor --export F461FA2D923C3798

-----BEGIN PGP PUBLIC KEY BLOCK-----

mQENBFugt1QBCACpIrObmogNUtVRGogRUub4GmP+4IlZxu+Q5ExhGHFNhdTOEbii

9OT4Vy6snZoURWwxKPNu5/W35cs57+tv/FjVEqp1fDgnhK8YHo1AtfO5Yjqq/UR/

mPBdOBsKlstKl9+cCR/dv+uE23/fJnNqfbLZUyv8GRPwBh7OggX2MO4elzzzujnH

...

-----END PGP PUBLIC KEY BLOCK-----

复制包括-----BEGIN PGP PUBLIC KEY BLOCK-----和-----END PGP PUBLIC KEY BLOCK-----的全部内容。

5. 添加一个user id到GPG key

$ gpg --edit-key F461FA2D923C3798

> adduid

Real name: myname

Email address: myname@email.com

Comment:

You selected this USER-ID:

    "myname <myname@email.com>"

Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? o

sec  rsa2048/F461FA2D923C3798

     created: 2018-09-18  expires: never       usage: SC

     trust: ultimate      validity: ultimate

ssb  rsa2048/96E3D9B0C023B825

     created: 2018-09-18  expires: never       usage: E

[ultimate] (1)  yourname (demo) <yourname@email.com>

[ unknown] (2). myname <myname@email.com>

> quit

Save changes? (y/N) y

可以使用help了解更多命令。

6. 应用

- 可在github设置 -> SSH and GPG keys里,添加生成PGP KEY,注意使用对应的邮箱和user id的GPG KEY

- 可用于git签名,如

  $ git config --global user.signingkey F461FA2D923C3798

  提交的签名

  $ git config commit.gpgsign true

  $ git config --global commit.gpgsign true

  然后提交代码(-S):

  $ git commit -S -m your commit message

  tag的签名(-s)

  $ git tag -s mytag

  验证(-v)

  $ git tag -v mytag

- 使用gpg-agent帮助减少密码输入,可将下面命令写入~/.xsession、 ~/.profile或者.bash_profile等启动文件

  eval $(gpg-agent --daemon)

-----------------

排除故障

-----------------

故障:Inappropriate ioctl for device

解决:

$ echo "test" | gpg --clearsign

如果提示 Inappropriate ioctl for device,设置变量指向tty

$ export GPG_TTY=$(tty)

$ echo 'export GPG_TTY=$(tty)' >> ~/.zshrc    // 或者.bashrc, .bash_profile

故障:apt: Unknown error executing apt-key

解决:

sudo apt-get clean

sudo rm /var/lib/apt/lists/*

sudo rm /var/lib/apt/lists/partial/*

sudo apt-get clean

sudo apt-get update

tarball安装GnuPG (gpg) 2.2.10的更多相关文章

  1. VMware15安装MAC(MAC OS 10.13)(OS X 10.14)原版可升级最新可解锁macOS Unlocker3.0(OS X 10.13)

      目录树 1.1.2安装环境: 1.1.3所需资源: 1.1.4 Unlocker 3.0解锁 1.1.5 配置环境 1.1.6开始安装 1.1.7开启虚拟机进入MAC安装界面 1.1.8 macO ...

  2. 第一篇 HTML5打包APP之VMware15安装MAC(MAC OS 10.13)(OS X 10.14)原版可升级最新可解锁macOS Unlocker3.0(OS X 10.13)

    1.1.2安装环境: 1.1.3所需资源: 1.1.4 Unlocker 3.0解锁 1.1.5 配置环境 1.1.6开始安装 1.1.7开启虚拟机进入MAC安装界面 1.1.8 macOS 10.1 ...

  3. 史上!最最最简洁明了的 Java JDK 安装目录及其子目录含义 10分钟详解 - 精简归纳

    Java JDK 安装目录及其子目录含义 10分钟详解 - 精简归纳 JERRY_Z. ~ 2020 / 8 / 30 转载请注明出处!️ 目录 Java JDK 安装目录及其子目录含义 10分钟详解 ...

  4. 深入浅出 Java JDK 安装目录及其子目录含义 10分钟详解 - 精简归纳

    Java JDK 安装目录及其子目录含义 10分钟详解 - 精简归纳 JERRY_Z. ~ 2020 / 8 / 30 转载请注明出处!️ 目录 Java JDK 安装目录及其子目录含义 10分钟详解 ...

  5. yum安装时提示“尚未安装任何 GPG 公钥,请下载您希望安装的软件签名公钥并安装”

    在Linux操作系统中,安装软件依赖包时,出现了尚未安装任何 GPG 公钥,要求使用rpm --import public.gpg.key导入  问题: [root@server7 yum.repos ...

  6. 安装zabbix-3.0.3+nginx-1.10.1+php-5.6.22

    好久没有接触监控类的软件了,今天抽空搭建了下最新的版本 首先系统环境 zabbix-server-1 192.168.11.11   centos6.7 mysql-server    192.168 ...

  7. 给Windows + Apache 2.2 + PHP 5.3 安装PHP性能测试工具 xhprof_0.10.3_php53_vc9.dll

    1.下载XHProf 到这里 http://dev.freshsite.pl/php-extensions/xhprof.html 下载Windows版本的XHProf,我这里选择下载 XHProf ...

  8. Vmare12(虚拟机)安装Mac OS X Yosemite 10.10

    需要预备的软件如下: OSX10.10的系统镜像,下载好之后将后缀.cdr改成.iso,下载来源如下:    链接:http://pan.baidu.com/s/1sj4ri5R 密码:y86w un ...

  9. mac上虚拟机安装旧版本的macosx 10.8

    前言 由于测试的需要,需要10.8的macosx,但又不想降级自己mac版本,所以还是装虚拟机,Parallels Desktop试验了安装不了osx,就换VMware Fusion,发现是可以的. ...

随机推荐

  1. 简明python教程十一----更多Python的内容

    特殊的方法 __init__(self,...):这个方法在新建对象恰好要被返回使用之前被调用 __del__(self):恰好在对象要被删除之前调用 __str__(self):我们对对象使用pri ...

  2. SVN无法Cleanup

    错误如下: 原因:svn提交遇到恶心的问题,可能是因为上次cleanup中断后,进入死循环了 解决方法:清空svn的队列 1.下载Sqlite3.exe 2.找到你项目的.svn文件,查看是否存在wc ...

  3. XDU 1056

    解法一:简单搜索肯定TLE,只是单纯的想写一发搜索练练手 #include<cstdio> #include<cstring> #define maxn 1005 using ...

  4. Unity状态机的实现,以《塔防》为例

    什么是有限状态机? 通俗点讲,有限状态机是:将对象的状态(攻击.闲置.晕眩)的实现代码,提取出来,封装成状态.由状态机负责在各个状态之间调度. 对象持有状态管理类(状态机)的引用,与具体的状态解耦. ...

  5. “凯易迅Calix”实习上机——求元音开头辅音结尾的子串

    题目要求: 对于一个输入的字符串(26个小写字母组成),求出他的所有子串中元音开头,辅音结尾的子串.在这所有的子串中,输出第一个和最后一个. 例如aab,共有子串a,aa,aab,ab,b:但是满足元 ...

  6. laravel 环境配置

    一.composer 安装 1.确定为最新版本的PHP 2.进入Composer官网下载页面,在页面最下方Manual Download区域选择需要的版本下载. 3.将下载的composer.phar ...

  7. bat调用exe文件并且传递参数

    bat调用exe文件并且传递参数 bat调用exe,并且传递日期参数,代码: @echo off cd "E:\SublimeWorks\exe" start xyzj_shrjj ...

  8. 简单的Sqlite使用方法

    Sqlite的作用不言而喻,就是帮助开发者建立本地数据库,存储一些基本信息.不做过多阐述,需要的深入了解的可以找度娘,本文是针对Sqlite小白在使用上提供一些实例. 一.导入Sqlite.swift ...

  9. iOS开发进阶 - 富文本正则替换表情

    移动端访问不佳,请访问我的个人博客 最近写项目需要用到富文本解析字符串显示表情,下面是我使用正则替换实现富文本的方式,希望能帮助到大家 先上效果图和demo地址 实现过程中需要用到的知识点 NSReg ...

  10. mybatis整合ehcache

    知识点:mybatis整合encache缓存框架,缓存从数据库中,查询的数据,不使用mybatis自带的二级缓存 补充:github上Mybatis Ehcache 适配器包说明地址:http://w ...