"GPG Key 생성"의 두 판 사이의 차이

2024년 4월 27일 (토) 22:37 기준 최신판

1 개요[ | ]

generate gpg key
GPG KEY 생성
GPG 공개키 개인키 생성

아래 스크립트 대신 gpg --gen-key를 이용하면 대화식으로 진행할 수 있다.

2 명령어[ | ]

rngd -r /dev/urandom
gpg-agent --use-standard-socket --daemon
cat <<EOF | gpg --batch --no-tty --gen-key
%echo Generating a standard key
Key-Type: default
Key-Length: 2048
Subkey-Type: default
Subkey-Length: 2048
Name-Real: example
Name-Email: example@example.com
Expire-Date: 0
Passphrase: secret
%commit
%echo done
EOF
gpg --export -a 'example' > RPM-GPG-KEY-jmnote
gpg --export-secret-keys -a 'example' > RPM-GPG-KEY-jmnote.secret

→ Name-Real, Name-Email, Passphrase를 원하는 값으로 입력한다. (나머지는 기본값임)

3 실행예시[ | ]

[root@zetawiki ~]# rngd -r /dev/urandom
[root@zetawiki ~]# gpg-agent --use-standard-socket --daemon
gpg-agent[2534]: directory `/root/.gnupg/private-keys-v1.d' created
gpg-agent[2535]: gpg-agent (GnuPG) 2.0.14 started
GPG_AGENT_INFO=/root/.gnupg/S.gpg-agent:2535:1; export GPG_AGENT_INFO;

[root@zetawiki ~]# cat <<EOF | gpg --batch --no-tty --gen-key
> %echo Generating a standard key
> Key-Type: default
> Key-Length: 2048
> Subkey-Type: default
> Subkey-Length: 2048
> Name-Real: example
> Name-Email: example@example.com
> Expire-Date: 0
> Passphrase: secret
> %commit
> %echo done
> EOF
gpg: Generating a standard key
gpg: key 3110D314 marked as ultimately trusted
gpg: done

[root@zetawiki ~]# gpg --export -a 'example' > RPM-GPG-KEY-jmnote
[root@zetawiki ~]# gpg --export-secret-keys -a 'example' > RPM-GPG-KEY-jmnote.secret

[root@zetawiki ~]# pkill gpg-agent
gpg-agent[2535]: SIGTERM received - shutting down ...
gpg-agent[2535]: gpg-agent (GnuPG) 2.0.14 stopped

4 확인[ | ]

위에서 생성된 RPM-GPG-KEY-jmnote 는 공개키 파일, RPM-GPG-KEY-jmnote.secret은 개인키 파일이다.

[root@zetawiki ~]# cat RPM-GPG-KEY-jmnote
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v2.0.14 (GNU/Linux)

mQENBFNUhEoBCAC1v7pwnpWfikT3r+SgPAgtOlj5MfcnW0EHGrX/YbxQY4xLYX9/
KXbrTEW0RDsssfs9aCH0yJXxDtNfLfuwCUk9D1scElG45UMF0hPy0vrNY4Fs+rxp
...(생략)
7unk3w9WaHrEN+ztugMUvQaxn1iR7ug/OeukuXqbfEUvdYnoC3S2BZjRXoZOBSdW
fMkjgc0B5i0S6G+fymnwtOtEGWJ/CygoLHIk1w==
=wPaT
-----END PGP PUBLIC KEY BLOCK-----

[root@zetawiki ~]# cat RPM-GPG-KEY-jmnote.secret 
-----BEGIN PGP PRIVATE KEY BLOCK-----
Version: GnuPG v2.0.14 (GNU/Linux)

lQO+BFNUhEoBCAC1v7pwnpWfikT3r+SgPAgtOlj5MfcnW0EHGrX/YbxQY4xLYX9/
KXbrTEW0RDsssfs9aCH0yJXxDtNfLfuwCUk9D1scElG45UMF0hPy0vrNY4Fs+rxp
... (생략)
FL0GsZ9Yke7oPznrpLl6m3xFL3WJ6At0tgWY0V6GTgUnVnzJI4HNAeYtEuhvn8pp
8LTrRBlifwsoKCxyJNc=
=C7xF
-----END PGP PRIVATE KEY BLOCK-----

5 같이 보기[ | ]

6 참고[ | ]

@@ 6번째 줄: / 6번째 줄: @@
 ==명령어==
-<source lang='bash'>
+<syntaxhighlight lang='bash'>
 rngd -r /dev/urandom
 gpg-agent --use-standard-socket --daemon
@@ 22번째 줄: / 22번째 줄: @@
 %echo done
 EOF
-gpg --export -a 'example' > /vagrant/modules/usemyrepo/files/MY-RPM-GPG-KEY.pub
+gpg --export -a 'example' > RPM-GPG-KEY-jmnote
-gpg --export-secret-keys -a 'example' > /vagrant/modules/rpmbuild/files/MY-RPM-GPG-KEY.secret
+gpg --export-secret-keys -a 'example' > RPM-GPG-KEY-jmnote.secret
-</source>
+</syntaxhighlight>
 :→ Name-Real, Name-Email, Passphrase를 원하는 값으로 입력한다. (나머지는 기본값임)
 ==실행예시==
-<source lang='dos'>
+<syntaxhighlight lang='console'>
-[root@jmnote ~]# rngd -r /dev/urandom
+[root@zetawiki ~]# rngd -r /dev/urandom
-[root@jmnote ~]# gpg-agent --use-standard-socket --daemon
+[root@zetawiki ~]# gpg-agent --use-standard-socket --daemon
 gpg-agent[2534]: directory `/root/.gnupg/private-keys-v1.d' created
 gpg-agent[2535]: gpg-agent (GnuPG) 2.0.14 started
 GPG_AGENT_INFO=/root/.gnupg/S.gpg-agent:2535:1; export GPG_AGENT_INFO;
-</source>
+</syntaxhighlight>
-<source lang='dos'>
+<syntaxhighlight lang='console'>
-[root@jmnote ~]# cat <<EOF | gpg --batch --no-tty --gen-key
+[root@zetawiki ~]# cat <<EOF | gpg --batch --no-tty --gen-key
 > %echo Generating a standard key
 > Key-Type: default
@@ 52번째 줄: / 52번째 줄: @@
 gpg: key 3110D314 marked as ultimately trusted
 gpg: done
-</source>
+</syntaxhighlight>
-<source lang='dos'>
+<syntaxhighlight lang='console'>
-[root@jmnote ~]# gpg --export -a 'example' > MY-RPM-GPG-KEY.pub
+[root@zetawiki ~]# gpg --export -a 'example' > RPM-GPG-KEY-jmnote
-[root@jmnote ~]# gpg --export-secret-keys -a 'example' > MY-RPM-GPG-KEY.secret
+[root@zetawiki ~]# gpg --export-secret-keys -a 'example' > RPM-GPG-KEY-jmnote.secret
-</source>
+</syntaxhighlight>
-<source lang='dos'>
+<syntaxhighlight lang='console'>
-[root@jmnote ~]# pkill gpg-agent
+[root@zetawiki ~]# pkill gpg-agent
 gpg-agent[2535]: SIGTERM received - shutting down ...
 gpg-agent[2535]: gpg-agent (GnuPG) 2.0.14 stopped
-</source>
+</syntaxhighlight>
 ==확인==
-<source lang='dos'>
+*위에서 생성된 RPM-GPG-KEY-jmnote 는 공개키 파일, RPM-GPG-KEY-jmnote.secret은 개인키 파일이다.
-[root@jmnote ~]# cat MY-RPM-GPG-KEY.pub
+<syntaxhighlight lang='console'>
+[root@zetawiki ~]# cat RPM-GPG-KEY-jmnote
 -----BEGIN PGP PUBLIC KEY BLOCK-----
 Version: GnuPG v2.0.14 (GNU/Linux)
@@ 76번째 줄: / 77번째 줄: @@
 =wPaT
 -----END PGP PUBLIC KEY BLOCK-----
-</source>
+</syntaxhighlight>
-<source lang='dos'>
+<syntaxhighlight lang='console'>
-[root@jmnote ~]# cat MY-RPM-GPG-KEY.secret
+[root@zetawiki ~]# cat RPM-GPG-KEY-jmnote.secret
 -----BEGIN PGP PRIVATE KEY BLOCK-----
 Version: GnuPG v2.0.14 (GNU/Linux)
@@ 89번째 줄: / 90번째 줄: @@
 =C7xF
 -----END PGP PRIVATE KEY BLOCK-----
-</source>
+</syntaxhighlight>
 ==같이 보기==
+*[[rpm-build를 위한 GPG Key 생성]]
 *[[GPG]]
 *[[.pem]]
-==참고 자료==
+==참고==
-*https://github.com/practicalweb/vagrant-rpmbuild/blob/master/generate-gpg-key.sh
+* https://github.com/practicalweb/vagrant-rpmbuild/blob/master/generate-gpg-key.sh
+* https://docs.github.com/en/authentication/managing-commit-signature-verification/generating-a-new-gpg-key
 [[분류: GPG]]
+[[분류: /dev/urandom]]