我有 2 个盒子,盒子 A 和 B。盒子 A 和 B 都使用相同的公钥/私钥对来加密和解密数据。盒子 A 中一切正常,但在盒子 B 中无法解密我用相同密钥加密的文件。
我从 A 导出密钥并将其导入到 B,在进行简单的加密/解密时,我得到以下内容:
在 AI 中运行 pgp 版本:
PGP Command Line 9.0.6 build 59
我使用以下内容进行加密/解密:
pgp --recipient <KEY UID> --encrypt foo
pgp --passphrase <PASSPHRASE> --decrypt foo.pgp
并且文件加密/解密成功。
现在在 B 中运行 gpg 版本:
gpg (GnuPG) 2.0.22
我使用以下内容进行加密/解密:
gpg --recipient <KEY UID> --encrypt foo
gpg --passphrase <PASSPHRASE> --decrypt foo.gpg
但是加密时我得到以下输出:
gpg: <SUBKEYID>: There is no assurance this key belongs to the named user
pub 1024R/<SUBKEYID> 2017-12-15 <KEY UID>
Primary key fingerprint: <PKEY FINGERPRINT>
Subkey fingerprint: <SKEY FINGERPRINT>
It is NOT certain that the key belongs to the person named
in the user ID. If you *really* know what you are doing,
you may answer the next question with yes.
Use this key anyway? (y/N) y
并且它加密成功(imo),然后当使用与 A 中完全相同的密码解密时,我收到以下错误:
You need a passphrase to unlock the secret key for
user: "<KEY UID>"
1024-bit RSA key, ID <SUBKEYID>, created 2017-12-15. (main key ID <PUBID>)
gpg: cancelled by user
gpg: encrypted with 1024-bit RSA key, ID <SUBKEYID>, created 2017-12-15
"<KEY UID>"
gpg: public key decryption failed: Operation cancelled
gpg: decryption failed: No secret key
如果密钥和密码与 A 中一样有效,为什么我在 B 中会遇到错误?我在网上试了很多方法,但都没有用,而且我对此很陌生,所以真的很困惑。提前谢谢。
答案1
您需要设置导入的密钥的信任级别:
gpg --edit-key <KEY_ID>
gpg> trust
您将被要求从以下选项中选择信任级别:
1 = I don't know or won't say
2 = I do NOT trust
3 = I trust marginally
4 = I trust fully
5 = I trust ultimately
m = back to the main menu
选择5,因为你最终相信自己。它会要求你确认你的决定:
Your decision? 5
Do you really want to set this key to ultimate trust? (y/N) y
确认后,您应该可以使用该密钥进行加密。