GnuPG\u3092\u4f7f\u7528\u3057\u3066\u3001\u6697\u53f7\u5316\u3001\u8a3c\u660e\u3001\u8a8d\u8a3c\u306b\u4f7f\u7528\u3059\u308b\u305f\u3081\u306e\u9375\u306e\u4f5c\u6210\u3092\u884c\u3044\u307e\u3059\u3002\u74b0\u5883\u306f\u3001Ubuntu LTS 16.04\u4e0a\u3067\u3001GnuPG2\u3092\u4f7f\u7528\u3057\u307e\u3059\u3002
\n<\/p>\n
\u201cgpg2 --full-gen-key\u201d\u30b3\u30de\u30f3\u30c9\u3067\u516c\u958b\u9375\u3068\u79d8\u5bc6\u9375\u3092\u4f5c\u6210\u3057\u307e\u3059\u3002<\/p>\n
\r\n$ gpg2 --full-gen-key\r\ngpg (GnuPG) 2.1.11; Copyright (C) 2016 Free Software Foundation, Inc.\r\nThis is free software: you are free to change and redistribute it.\r\nThere is NO WARRANTY, to the extent permitted by law.\r\n\r\nPlease select what kind of key you want:\r\n (1) RSA and RSA (default)\r\n (2) DSA and Elgamal\r\n (3) DSA (sign only)\r\n (4) RSA (sign only)\r\nYour selection? 1\r\nRSA keys may be between 1024 and 4096 bits long.\r\nWhat keysize do you want? (2048) 4096\r\nRequested keysize is 4096 bits\r\nPlease specify how long the key should be valid.\r\n 0 = key does not expire\r\n <n> = key expires in n days\r\n <n>w = key expires in n weeks\r\n <n>m = key expires in n months\r\n <n>y = key expires in n years\r\nKey is valid for? (0) 0\r\nKey does not expire at all\r\nIs this correct? (y\/N) y\r\n\r\nGnuPG needs to construct a user ID to identify your key.\r\n\r\nReal name: Laboratory for Personal ICT\r\nEmail address: site-master@lab4ict.com\r\nComment: Laboratory one\r\nYou selected this USER-ID:\r\n "Laboratory for Personal ICT (Laboratory one) <site-master@lab4ict.com>"\r\n\r\nChange (N)ame, (C)omment, (E)mail or (O)kay\/(Q)uit? O\r\nWe need to generate a lot of random bytes. It is a good idea to perform\r\nsome other action (type on the keyboard, move the mouse, utilize the\r\ndisks) during the prime generation; this gives the random number\r\ngenerator a better chance to gain enough entropy.\r\n \r\nWe need to generate a lot of random bytes. It is a good idea to perform\r\nsome other action (type on the keyboard, move the mouse, utilize the\r\ndisks) during the prime generation; this gives the random number\r\ngenerator a better chance to gain enough entropy.\r\ngpg: key 627C7AE0 marked as ultimately trusted\r\ngpg: directory '\/home\/sysadm001\/.gnupg\/openpgp-revocs.d' created\r\ngpg: revocation certificate stored as '\/home\/sysadm001\/.gnupg\/openpgp-revocs.d\/6FDF8845FB9DC16F4E9992ABFCE82D1E627C7AE0.rev'\r\npublic and secret key created and signed.\r\n\r\ngpg: checking the trustdb\r\ngpg: marginals needed: 3 completes needed: 1 trust model: PGP\r\ngpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u\r\npub rsa4096\/627C7AE0 2018-01-03 [S]\r\n Key fingerprint = 6FDF 8845 FB9D C16F 4E99 92AB FCE8 2D1E 627C 7AE0\r\nuid [ultimate] Laboratory for Personal ICT (Laboratory one) <site-master@lab4ict.com>\r\nsub rsa4096\/8475A20B 2018-01-03 []\r\n<\/pre>\n\u5931\u52b9\u8a3c\u660e\u66f8\u306e\u4f5c\u6210<\/h2>\n
\u201cgpg --gen-revoke\u201d\u30b3\u30de\u30f3\u30c9\u3067\u3001\u79d8\u5bc6\u9375\u304c\u76d7\u307e\u308c\u3066\u9375\u3092\u5931\u52b9\u3059\u308b\u5fc5\u8981\u304c\u767a\u751f\u3057\u305f\u6642\u306e\u305f\u3081\u306b\u3001\u5931\u52b9\u8a3c\u660e\u66f8\u3092\u4f5c\u6210\u3057\u307e\u3059\u3002<\/p>\n
\r\n$ gpg2 --output revoke_lab4ict_com.asc --gen-revoke site-master@lab4ict.com\r\n\r\nsec rsa4096\/627C7AE0 2018-01-03 Laboratory for Personal ICT (Laboratory one) <site-master@lab4ict.com>\r\n\r\nCreate a revocation certificate for this key? (y\/N) y\r\nPlease select the reason for the revocation:\r\n 0 = No reason specified\r\n 1 = Key has been compromised\r\n 2 = Key is superseded\r\n 3 = Key is no longer used\r\n Q = Cancel\r\n(Probably you want to select 1 here)\r\nYour decision? 1\r\nEnter an optional description; end it with an empty line:\r\n> \r\nReason for revocation: Key has been compromised\r\n(No description given)\r\nIs this okay? (y\/N) y\r\nASCII armored output forced.\r\nRevocation certificate created.\r\n\r\nPlease move it to a medium which you can hide away; if Mallory gets\r\naccess to this certificate he can use it to make your key unusable.\r\nIt is smart to print this certificate and store it away, just in case\r\nyour media become unreadable. But have some caution: The print system of\r\nyour machine might store the data and make it available to others!\r\nsysadm001@mobcli004:~\/gpg$ ls \r\nrevoke_lab4ict_com.asc\r\n<\/pre>\n\u516c\u958b\u9375\u3068\u79d8\u5bc6\u9375\u306e\u78ba\u8a8d<\/h2>\n
\"gpg2 --list-keys\"\u30b3\u30de\u30f3\u30c9\u3067\u516c\u958b\u9375\u3092\u78ba\u8a8d\u3057\u307e\u3059\u3002<\/p>\n
\r\n$ gpg2 --list-keys\r\n\/home\/sysadm001\/.gnupg\/pubring.kbx\r\n----------------------------------\r\npub rsa4096\/627C7AE0 2018-01-03 [SC]\r\nuid [ultimate] Laboratory for Personal ICT (Laboratory one) <site-master@lab4ict.com>\r\nsub rsa4096\/8475A20B 2018-01-03 [E]\r\n<\/pre>\n\"gpg2 --list-secret-keys\"\u79d8\u5bc6\u9375\u3092\u78ba\u8a8d\u3057\u307e\u3059\u3002<\/p>\n
\r\n$ gpg2 --list-secret-keys\r\n\/home\/sysadm001\/.gnupg\/pubring.kbx\r\n----------------------------------\r\nsec rsa4096\/627C7AE0 2018-01-03 [SC]\r\nuid [ultimate] Laboratory for Personal ICT (Laboratory one) <site-master@lab4ict.com>\r\nssb rsa4096\/8475A20B 2018-01-03 [E]\r\n<\/pre>\n\u8a8d\u8a3c\u7528\u306e\u30b5\u30d6\u30ad\u30fc\u306e\u751f\u6210<\/h2>\n
\"gpg --expert --edit-key\"\u30b3\u30de\u30f3\u30c9\u3092\u4f7f\u7528\u3057\u3066\u8a8d\u8a3c\u7528\u306e\u30b5\u30d6\u30ad\u30fc\u3092\u751f\u6210\u3057\u307e\u3059\u3002<\/p>\n
\r\n$ gpg2 --expert --edit-key site-master@lab4ict.com\r\ngpg (GnuPG) 2.1.11; Copyright (C) 2016 Free Software Foundation, Inc.\r\nThis is free software: you are free to change and redistribute it.\r\nThere is NO WARRANTY, to the extent permitted by law.\r\n\r\nSecret key is available.\r\n\r\nsec rsa4096\/627C7AE0\r\n created: 2018-01-03 expires: never usage: SC \r\n trust: ultimate validity: ultimate\r\nssb rsa4096\/8475A20B\r\n created: 2018-01-03 expires: never usage: E \r\n[ultimate] (1). Laboratory for Personal ICT (Laboratory one) <site-master@lab4ict.com>\r\n\r\ngpg> addkey\r\nPlease select what kind of key you want:\r\n (3) DSA (sign only)\r\n (4) RSA (sign only)\r\n (5) Elgamal (encrypt only)\r\n (6) RSA (encrypt only)\r\n (7) DSA (set your own capabilities)\r\n (8) RSA (set your own capabilities)\r\n (10) ECC (sign only)\r\n (11) ECC (set your own capabilities)\r\n (12) ECC (encrypt only)\r\n (13) Existing key\r\nYour selection? 8\r\n\r\nPossible actions for a RSA key: Sign Encrypt Authenticate \r\nCurrent allowed actions: Sign Encrypt \r\n\r\n (S) Toggle the sign capability\r\n (E) Toggle the encrypt capability\r\n (A) Toggle the authenticate capability\r\n (Q) Finished\r\n\r\nYour selection? a\r\n\r\nPossible actions for a RSA key: Sign Encrypt Authenticate \r\nCurrent allowed actions: Sign Encrypt Authenticate \r\n\r\n (S) Toggle the sign capability\r\n (E) Toggle the encrypt capability\r\n (A) Toggle the authenticate capability\r\n (Q) Finished\r\n\r\nYour selection? q\r\nRSA keys may be between 1024 and 4096 bits long.\r\nWhat keysize do you want? (2048) 4096\r\nRequested keysize is 4096 bits\r\nPlease specify how long the key should be valid.\r\n 0 = key does not expire\r\n <n> = key expires in n days\r\n <n>w = key expires in n weeks\r\n <n>m = key expires in n months\r\n <n>y = key expires in n years\r\nKey is valid for? (0) 0\r\nKey does not expire at all\r\nIs this correct? (y\/N) y\r\nReally create? (y\/N) y\r\nWe need to generate a lot of random bytes. It is a good idea to perform\r\nsome other action (type on the keyboard, move the mouse, utilize the\r\ndisks) during the prime generation; this gives the random number\r\ngenerator a better chance to gain enough entropy.\r\n\r\nsec rsa4096\/627C7AE0\r\n created: 2018-01-03 expires: never usage: SC \r\n trust: ultimate validity: ultimate\r\nssb rsa4096\/8475A20B\r\n created: 2018-01-03 expires: never usage: E \r\nssb rsa4096\/90BDE63E\r\n created: 2018-01-03 expires: never usage: SEA \r\n[ultimate] (1). Laboratory for Personal ICT (Laboratory one) <site-master@lab4ict.com>\r\n\r\ngpg> save\r\n<\/pre>\n\u516c\u958b\u9375\u3068\u79d8\u5bc6\u9375\u306e\u30d0\u30c3\u30af\u30a2\u30c3\u30d7<\/h2>\n
\u516c\u958b\u9375\u3068\u79d8\u5bc6\u9375\u306e\u30d0\u30c3\u30af\u30a2\u30c3\u30d7\u3092\u53d6\u5f97\u3057\u307e\u3059\u3002<\/p>\n
\r\n$ gpg2 --export-secret-keys --armor site-master@lab4ict.com > secret-keys.backup\r\n$ gpg2 --export --armor site-master@lab4ict.com > public-keys.backup\r\n$ ls \r\npublic-keys.backup revoke_lab4ict_com.asc secret-keys.backup\r\n<\/pre>\n\u304a\u308f\u308a\u306b<\/h2>\n
gpg2\u30b3\u30de\u30f3\u30c9\u3092\u4f7f\u7528\u3057\u3066\u3001\u6697\u53f7\u5316\u3001\u7f72\u540d\u3001\u8a8d\u8a3c\u3067\u4f7f\u7528\u3059\u308b\u305f\u3081\u306e\u9375\u3092\u4f5c\u6210\u3057\u307e\u3057\u305f\u3002<\/p>\n","protected":false},"excerpt":{"rendered":"
GnuPG\u3092\u4f7f\u7528\u3057\u3066\u3001\u6697\u53f7\u5316\u3001\u8a3c\u660e\u3001\u8a8d\u8a3c\u306b\u4f7f\u7528\u3059\u308b\u305f\u3081\u306e\u9375\u306e\u4f5c\u6210\u3092\u884c\u3044\u307e\u3059\u3002\u74b0\u5883\u306f\u3001Ubuntu LTS 16.04\u4e0a\u3067\u3001GnuPG2\u3092\u4f7f\u7528\u3057\u307e\u3059\u3002<\/p>\n","protected":false},"author":1,"featured_media":642,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[13],"tags":[356,357,358],"class_list":["post-411","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-gnupg","tag-gnupg","tag-357","tag-358"],"_links":{"self":[{"href":"https:\/\/lab4ict.com\/system\/wp-json\/wp\/v2\/posts\/411","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lab4ict.com\/system\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lab4ict.com\/system\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lab4ict.com\/system\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/lab4ict.com\/system\/wp-json\/wp\/v2\/comments?post=411"}],"version-history":[{"count":1,"href":"https:\/\/lab4ict.com\/system\/wp-json\/wp\/v2\/posts\/411\/revisions"}],"predecessor-version":[{"id":12052,"href":"https:\/\/lab4ict.com\/system\/wp-json\/wp\/v2\/posts\/411\/revisions\/12052"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/lab4ict.com\/system\/wp-json\/wp\/v2\/media\/642"}],"wp:attachment":[{"href":"https:\/\/lab4ict.com\/system\/wp-json\/wp\/v2\/media?parent=411"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lab4ict.com\/system\/wp-json\/wp\/v2\/categories?post=411"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lab4ict.com\/system\/wp-json\/wp\/v2\/tags?post=411"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}