如何导出私有/秘密 ASC 密钥来解密 GPG 文件

发布于 2024-10-31 14:43:03 字数 315 浏览 4 评论 0原文

背景:我的老板尝试通过公共和私有部分向我导出 ASC 密钥,但每当我获取文件时,私有部分永远不会加载,也不会解密任何文件。

我们尝试使用以下方法导出 ASC 密钥:

  • Windows 应用程序 Kleopatra 2.1(包含在 gpg4win 中)

  • Windows 应用程序 GNU Privacy Assistant(包含在 gpg4win 中)

    错误:“解密失败。密钥不可用。” 
    

如何正确导出秘密或私人 asc 密钥来解密 gpg 文件?

Background: My boss has tried exporting an ASC key to me with public and private parts but whenever I get the file the private part never loads up and it won't decrypt any files.

We have tried Exporting the ASC Key using:

  • Windows Application Kleopatra 2.1 (included in gpg4win)

  • Windows Application GNU Privacy Assistant (included in gpg4win)

    Error: "Decryption failed. Secret Key Not available." 
    

How do you properly export a secret or private asc key to decrypt gpg files?

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(7

哎呦我呸! 2024-11-07 14:43:03

您可以使用GPG 命令行工具导出私钥。它在 Windows shell 上运行。使用以下命令:

gpg --export-secret-keys

使用 --export 的正常导出不会包含任何私钥,因此您必须使用 --export-secret-keys

编辑:

总结我的评论中给出的信息,该命令允许您将 ID 为 1234ABCD 的特定密钥导出到文件 Secret.asc:

gpg --export-secret-keys --armor 1234ABCD > secret.asc

您可以使用以下命令找到所需的 ID。 ID 是第二列的第二部分:

gpg --list-keys

仅导出 1 个特定密钥而不是全部密钥:

gpg --export-secret-keys keyIDNumber > exportedKeyFilename.asc

keyIDNumber 是您尝试导出的所需密钥的密钥 ID 号。

You can export the private key with the command-line tool from GPG. It works on the Windows-shell. Use the following command:

gpg --export-secret-keys

A normal export with --export will not include any private keys, therefore you have to use --export-secret-keys.

Edit:

To sum up the information given in my comments, this is the command that allows you to export a specific key with the ID 1234ABCD to the file secret.asc:

gpg --export-secret-keys --armor 1234ABCD > secret.asc

You can find the ID that you need using the following command. The ID is the second part of the second column:

gpg --list-keys

To Export just 1 specific secret key instead of all of them:

gpg --export-secret-keys keyIDNumber > exportedKeyFilename.asc

keyIDNumber is the number of the key id for the desired key you are trying to export.

南巷近海 2024-11-07 14:43:03

以上所有回复都是正确的,但可能缺少一个关键步骤,您需要编辑导入的密钥并“最终信任”该密钥

gpg --edit-key (keyIDNumber)
gpg> trust

Please decide how far you trust this user to correctly verify other users' keys
(by looking at passports, checking fingerprints from different sources, etc.)

  1 = I don't know or won't say
  2 = I do NOT trust
  3 = I trust marginally
  4 = I trust fully
  5 = I trust ultimately
  m = back to the main menu

,然后选择 5 启用该导入的私钥作为您的密钥之一

All the above replies are correct, but might be missing one crucial step, you need to edit the imported key and "ultimately trust" that key

gpg --edit-key (keyIDNumber)
gpg> trust

Please decide how far you trust this user to correctly verify other users' keys
(by looking at passports, checking fingerprints from different sources, etc.)

  1 = I don't know or won't say
  2 = I do NOT trust
  3 = I trust marginally
  4 = I trust fully
  5 = I trust ultimately
  m = back to the main menu

and select 5 to enable that imported private key as one of your keys

暖伴 2024-11-07 14:43:03

请参阅 Dark Otter 的治疗方法

https://montemazuma .wordpress.com/2010/03/01/moving-a-gpg-key-privately/

如果网站已关闭,请参考 archive.org 备份:

https://web.archive.org /web/20170518155052/https://montemazuma.wordpress.com/2010/03/01/moving-a-gpg-key-privately/

其中包括一种相当安全的密钥传输方式。您可以将该建议放入如下所示的 shell 脚本中以供重复使用。

首先从显示的列表中获取所需的 KEYID

$ gpg -K

从结果列表中记下传输所需的 KEYID(秒后的 8 个十六进制数)。

然后在第一个帐户上调用经过测试的 shell scipts“export_private_key”并生成 pubkey.gpg + keys.asc。随后调用第二个帐户“import_private_key”。以下是使用 cat 显示的内容(复制并粘贴内容):

$ cat export_private_key 
gpg -K
echo "select private key"
read KEYID
gpg --output pubkey.gpg --export $KEYID
echo REMEMBER THE COMING PASS-PHRASE
gpg --output - --export-secret-key $KEYID | \
   cat pubkey.gpg - | \
   gpg --armor --output keys.asc --symmetric --cipher-algo AES256
ls -l pubkey.gpg keys.asc
####################  E X P O R T _ P R I V A T E _ K E Y  #####################

现在通过某种方式将“pubkey.gpg”(如果需要)和私有“keys.asc”传输到第二个帐户,并调用下面所示的程序。

$ cat import_private_key 
gpg --no-use-agent --output - keys.asc | gpg --import
###################  I M P O R T _ P R I V A T E _ K E Y  ######################

本着 Otter 的精神“那,应该是那”。

See the treatment by Dark Otter

https://montemazuma.wordpress.com/2010/03/01/moving-a-gpg-key-privately/

If the site is down use reference the archive.org backup:

https://web.archive.org/web/20170518155052/https://montemazuma.wordpress.com/2010/03/01/moving-a-gpg-key-privately/

which includes a reasonably secure way to transfer keys. You could put that recommendation into shell-scripts shown below for repeated use.

First get the KEYID you want from the list shown by

$ gpg -K

From the resulting list note the KEYID (the 8 hexadecimals following sec) you need for transfer.

Then envoke the tested shell scipts "export_private_key" on the first account and generate your pubkey.gpg + keys.asc. Subsequently invoke on the second account "import_private_key". Here is their content shown with cat (copy & paste content):

$ cat export_private_key 
gpg -K
echo "select private key"
read KEYID
gpg --output pubkey.gpg --export $KEYID
echo REMEMBER THE COMING PASS-PHRASE
gpg --output - --export-secret-key $KEYID | \
   cat pubkey.gpg - | \
   gpg --armor --output keys.asc --symmetric --cipher-algo AES256
ls -l pubkey.gpg keys.asc
####################  E X P O R T _ P R I V A T E _ K E Y  #####################

Now tranfer by some means the "pubkey.gpg" (if needed) and the private "keys.asc" to the second account and envoke the below-shown program.

$ cat import_private_key 
gpg --no-use-agent --output - keys.asc | gpg --import
###################  I M P O R T _ P R I V A T E _ K E Y  ######################

In Otter's spirit "And that, should be, that".

仄言 2024-11-07 14:43:03

我认为您尚未导入私钥,如消息错误所示,要从 gnupg 导入公钥/私钥:

gpg --import mypub_key
gpg --allow-secret-key-import --import myprv_key

I think you had not yet import the private key as the message error said, To import public/private key from gnupg:

gpg --import mypub_key
gpg --allow-secret-key-import --import myprv_key
柳若烟 2024-11-07 14:43:03

这最终对我有用:

gpg -a --export-secret-keys > exportedKeyFilename.asc 

您可以使用任何名称命名 keyfilename.asc,只要保留 .asc 扩展名即可。
此命令将用户计算机上的所有密钥复制到调用该命令的工作目录中的 keyfilename.asc 中。

仅导出 1 个特定密钥而不是全部密钥:

gpg -a --export-secret-keys keyIDNumber > exportedKeyFilename.asc

keyIDNumber 是您尝试导出的所需密钥的密钥 ID 号。

this ended up working for me:

gpg -a --export-secret-keys > exportedKeyFilename.asc 

you can name keyfilename.asc by any name as long as you keep on the .asc extension.
this command copies all secret-keys on a user's computer to keyfilename.asc in the working directory of where the command was called.

To Export just 1 specific secret key instead of all of them:

gpg -a --export-secret-keys keyIDNumber > exportedKeyFilename.asc

keyIDNumber is the number of the key id for the desired key you are trying to export.

无法回应 2024-11-07 14:43:03

1.导出一个Secret Key(这是你老板应该为你做的)

gpg --export-secret-keys yourKeyName > privateKey.asc

2.Import Secret Key(导入你的私钥)

gpg --import privateKey.asc

3.还没有完成,你仍然需要最终信任一个密钥。
您需要确保您最终也信任密钥。

gpg --edit-key yourKeyName

输入 trust, 5, y,然后退出

来源:https: //medium.com/@GalarnykMichael/public-key-asym-cryptography-using-gpg-5a8d914c9bca

1.Export a Secret Key (this is what your boss should have done for you)

gpg --export-secret-keys yourKeyName > privateKey.asc

2.Import Secret Key (import your privateKey)

gpg --import privateKey.asc

3.Not done yet, you still need to ultimately trust a key.
You will need to make sure that you also ultimately trust a key.

gpg --edit-key yourKeyName

Enter trust, 5, y, and then quit

Source: https://medium.com/@GalarnykMichael/public-key-asymmetric-cryptography-using-gpg-5a8d914c9bca

jJeQQOZ5 2024-11-07 14:43:03

@Wolfram J 的回答类似,这里有一种加密私钥的方法带有密码

gpg --output - --armor --export $KEYID | \
    gpg --output private_key.asc --armor --symmetric --cipher-algo AES256

以及相应的解密方法:

gpg private_key.asc

Similar to @Wolfram J's answer, here is a method to encrypt your private key with a passphrase:

gpg --output - --armor --export $KEYID | \
    gpg --output private_key.asc --armor --symmetric --cipher-algo AES256

And a corresponding method to decrypt:

gpg private_key.asc
~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文