我正在尝试使用 GPG 解密文件。私钥存储在我的 Yubikey 上,但我从 GPG 收到以下消息:
shell> gpg --output test-temp --decrypt git-token.gpg
gpg: encrypted with 255-bit ECDH key, ID 38033A6C1F5941E8, created 2022-04-22
"User Name <[email protected]>"
gpg: decryption failed: No secret key
然而,当检查 GPG 卡时,它可以很好地看到私钥:
General key info..:
pub ed25519/F5BA3C4BA7D63D15 2022-04-22 User Name <[email protected]>
sec> ed25519/F5BA3C4BA7D63D15 created: 2022-04-22 expires: never
card-no: [REDACTED]
ssb# ed25519/A31508BC36769673 created: 2022-04-22 expires: never
ssb# cv25519/38033A6C1F5941E8 created: 2022-04-22 expires: never
正如您所看到的,密钥 ID 是匹配的。
私钥/公钥对也正确存在于我的钥匙串中:
shell> gpg -k
pub ed25519 2022-04-22 [SC]
0D9E4996BF56ED20DC3162BEF5BA3C4BA7D63D15
uid [ultimate] User Name <[email protected]>
sub ed25519 2022-04-22 [A]
sub cv25519 2022-04-22 [E]
shell> gpg -K
/home/user/.gnupg/pubring.kbx
-------------------------------
sec> ed25519 2022-04-22 [SC]
0D9E4996BF56ED20DC3162BEF5BA3C4BA7D63D15
Card serial no. = [REDACTED]
uid [ultimate] User Name <[email protected]>
ssb# ed25519 2022-04-22 [A]
ssb# cv25519 2022-04-22 [E]
该文件已使用加密gpg --encrypt --armor --output git-token.gpg --recipient [email protected] git-token
是什么赋予了?我的设置可以很好地进行签名(例如在 Git 中)。