记录我在 Mac 上安装 gpg 的过程及使用
定义
gpg 是加密和数字签名的免费工具,大多用于加密信息的传递。除了仅用密码加密外,GPG 最大的不同是提供了“公钥/私钥”对。利用一方的“公钥”别人加密信息不再需要告诉密码,随时随地都能发送加密信息。而这种加密是单向的,只有一方的“私钥”能解开加密。数字签名又是另一大使用方向。通过签名认证,别人能确保发布的消息来自一方,而且没有经过修改。
安装
安装命令利用 brew 即可,具体视操作环境有所差异。
sh-3.2# brew install gpg
**==>** **Downloading https://homebrew.bintray.com/bottles/gnupg-1.4.20.el_capitan.bottle.tar.gz**
######################################################################## 100.0%
**==>** **Pouring gnupg-1.4.20.el_capitan.bottle.tar.gz**
/usr/local/Cellar/gnupg/1.4.20: 53 files, 5.4M
sh-3.2# gpg --version
gpg (GnuPG) 1.4.20
Copyright (C) 2015 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Home: ~/.gnupg
支持的算法:
公钥:RSA, RSA-E, RSA-S, ELG-E, DSA
对称加密:IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256,
TWOFISH, CAMELLIA128, CAMELLIA192, CAMELLIA256
散列:MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
压缩:不压缩, ZIP, ZLIB, BZIP2
生成私钥
安装之后需要利用 gpg --gen-key 命令生成私钥,这一步需要对私钥的用户、邮箱、有效期进行配置,我的操作记录如下:
sh-3.2# gpg --gen-key
gpg (GnuPG) 1.4.20; Copyright (C) 2015 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
请选择您要使用的密钥种类:
(1) RSA and RSA (default)
(2) DSA and Elgamal
(3) DSA (仅用于签名)
(4) RSA (仅用于签名)
您的选择?
RSA 密钥长度应在 1024 位与 4096 位之间。
您想要用多大的密钥尺寸?(2048)
您所要求的密钥尺寸是 2048 位
请设定这把密钥的有效期限。
0 = 密钥永不过期
= 密钥在 n 天后过期
w = 密钥在 n 周后过期
m = 密钥在 n 月后过期
y = 密钥在 n 年后过期
密钥的有效期限是?(0)
密钥永远不会过期
以上正确吗?(y/n)y
您需要一个用户标识来辨识您的密钥;本软件会用真实姓名、注释和电子邮件地址组合
成用户标识,如下所示:
“Heinrich Heine (Der Dichter) ”
真实姓名:liumei
姓名含有无效的字符
真实姓名:liumapp (liumapp)
姓名含有无效的字符
真实姓名:liumapp
电子邮件地址:liumapp.com@gmail.com
注释:
您选定了这个用户标识:
“liumapp ”
更改姓名(N)、注释(C)、电子邮件地址(E)或确定(O)/退出(Q)?o
您需要一个密码来保护您的私钥。
我们需要生成大量的随机字节。这个时候您可以多做些琐事(像是敲打键盘、移动
鼠标、读写硬盘之类的),这会让随机数字发生器有更好的机会获得足够的熵数。
........+++++
...+++++
我们需要生成大量的随机字节。这个时候您可以多做些琐事(像是敲打键盘、移动
鼠标、读写硬盘之类的),这会让随机数字发生器有更好的机会获得足够的熵数。
....+++++
+++++
gpg: /var/root/.gnupg/trustdb.gpg:建立了信任度数据库
gpg: 密钥 636BA03D 被标记为绝对信任
公钥和私钥已经生成并经签名。
gpg: 正在检查信任度数据库
gpg: 需要 3 份勉强信任和 1 份完全信任,PGP 信任模型
gpg: 深度:0 有效性: 1 已签名: 0 信任度:0-,0q,0n,0m,0f,1u
pub 2048R/636BA03D 2017-07-20
密钥指纹 = 7CFB 016A 298A C90C C324 6A32 DAB3 F9DA 636B A03D
uid liumapp
sub 2048R/9F2B7F4B 2017-07-20
发布公钥
首先我们要看看自己的公钥编号是什么:
sh-3.2# gpg --list-keys
/var/root/.gnupg/pubring.gpg
----------------------------
pub 2048R/636BA03D 2017-07-20
uid liumapp
sub 2048R/9F2B7F4B 2017-07-20
可以看到,我的公钥编号是 636BA03D,所以接下来使用命令:
gpg2 --keyserver hkp://pool.sks-keyservers.net --send-keys 636BA03D
将公钥上传到线上
sh-3.2# gpg2 --keyserver hkp://pool.sks-keyservers.net --send-keys 636BA03D
gpg: sending key 636BA03D to hkp server pool.sks-keyservers.net
使用
gpg 的使用一般搭配 Maven,比如 maven 的插件 maven-gpg-plugin,当然也有很多其他的用法,官方的说明比较详细:working-with-pgp。我自己仅仅就 maven-gpg-plugin 的使用进行一个记录。
场景说明
利用 maven 和 gpg,将一个 maven 项目上传到 maven 中央仓库的私服中。
配置
pom.xml:
首先需要取保虾面的几项基础配置要有:
<licenses>
<license>
<name>GNU General Public License v3.0</name>
<url>http://www.gnu.org/licenses/agpl-3.0.html</url>
<distribution>repo</distribution>
<comments>A socket manager</comments>
</license>
</licenses>
<developers>
<developer>
<name>liumapp</name>
<url>http://www.liumapp.com</url>
<email>liumapp.com@gmail.com</email>
</developer>
</developers>
<scm>
<connection>scm:git:https://github.com/liumapp/DNSQueen.git</connection>
<developerConnection>scm:git:https://github.com/liumapp/DNSQueen.git</developerConnection>
<url>https://github.com/liumapp/DNSQueen</url>
<tag>v${project.version}</tag>
</scm>
<distributionManagement>
<snapshotRepository>
<id>ossrh</id>
<url>https://oss.sonatype.org/content/repositories/snapshots</url>
</snapshotRepository>
<repository>
<id>ossrh</id>
<name>Maven Central Staging Repository</name>
<url>https://oss.sonatype.org/service/local/staging/deploy/maven2/</url>
</repository>
</distributionManagement>
然后添加以下插件:
<plugin>
<groupId>org.sonatype.plugins</groupId>
<artifactId>nexus-staging-maven-plugin</artifactId>
<version>1.6.3</version>
<extensions>true</extensions>
<configuration>
<serverId>ossrh</serverId>
<nexusUrl>https://oss.sonatype.org/</nexusUrl>
<autoReleaseAfterClose>true</autoReleaseAfterClose>
</configuration>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-gpg-plugin</artifactId>
<version>1.6</version>
<executions>
<execution>
<id>sign-artifacts</id>
<phase>verify</phase>
<goals>
<goal>sign</goal>
</goals>
</execution>
</executions>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-javadoc-plugin</artifactId>
<version>2.10.3</version>
<executions>
<execution>
<id>attach-javadocs</id>
<goals>
<goal>jar</goal>
</goals>
</execution>
</executions>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-source-plugin</artifactId>
<executions>
<execution>
<id>attach-sources</id>
<goals>
<goal>jar-no-fork</goal>
</goals>
</execution>
</executions>
</plugin>
然后便要修改 maven 的 settings.xml 文件,打开 maven 的安装目录,找到 config 下的 settings.xml,在 servers 节点和 profiles 节点分别添加以下两段内容:
<server>
<id>ossrh</id>
<username>sonatype的用户名</username>
<password>sonatype的密码</password>
</server>
<profile>
<id>ossrh</id>
<activation>
<activeByDefault>true</activeByDefault>//这个true的作用就是oss.sonatype的Staging Repositories会自动release
</activation>
<properties>
<gpg.executable>gpg2</gpg.executable>
<gpg.passphrase>安装gpg时设置的密码</gpg.passphrase>
</properties>
</profile>
然后我们回到 maven 的项目根目录,执行:
mvn deploy -Dmaven.test.skip=true -e
如果看到 build success 的话,那么此刻我们的 maven 项目应该成功上传到 maven 中央仓库的一个私服里面了。我这边的相关日志如下:
Uploading: https://oss.sonatype.org:443/service/local/staging/deployByRepositoryId/comliumapp-1007/com/liumapp/DNSQueen/1.0.0/DNSQueen-1.0.0.pom.asc
Uploaded: https://oss.sonatype.org:443/service/local/staging/deployByRepositoryId/comliumapp-1007/com/liumapp/DNSQueen/1.0.0/DNSQueen-1.0.0.pom.asc (473 B at 0.1 KB/sec)
Downloading: https://oss.sonatype.org:443/service/local/staging/deployByRepositoryId/comliumapp-1007/com/liumapp/DNSQueen/maven-metadata.xml
Uploading: https://oss.sonatype.org:443/service/local/staging/deployByRepositoryId/comliumapp-1007/com/liumapp/DNSQueen/maven-metadata.xml
Uploaded: https://oss.sonatype.org:443/service/local/staging/deployByRepositoryId/comliumapp-1007/com/liumapp/DNSQueen/maven-metadata.xml (299 B at 0.2 KB/sec)
Uploading: https://oss.sonatype.org:443/service/local/staging/deployByRepositoryId/comliumapp-1007/com/liumapp/DNSQueen/1.0.0/DNSQueen-1.0.0-javadoc.jar.asc
Uploaded: https://oss.sonatype.org:443/service/local/staging/deployByRepositoryId/comliumapp-1007/com/liumapp/DNSQueen/1.0.0/DNSQueen-1.0.0-javadoc.jar.asc (473 B at 1.2 KB/sec)
Uploading: https://oss.sonatype.org:443/service/local/staging/deployByRepositoryId/comliumapp-1007/com/liumapp/DNSQueen/1.0.0/DNSQueen-1.0.0-sources.jar.asc
Uploaded: https://oss.sonatype.org:443/service/local/staging/deployByRepositoryId/comliumapp-1007/com/liumapp/DNSQueen/1.0.0/DNSQueen-1.0.0-sources.jar.asc (473 B at 1.6 KB/sec)
Uploading: https://oss.sonatype.org:443/service/local/staging/deployByRepositoryId/comliumapp-1007/com/liumapp/DNSQueen/1.0.0/DNSQueen-1.0.0.jar
Uploaded: https://oss.sonatype.org:443/service/local/staging/deployByRepositoryId/comliumapp-1007/com/liumapp/DNSQueen/1.0.0/DNSQueen-1.0.0.jar (29 KB at 17.1 KB/sec)
Uploading: https://oss.sonatype.org:443/service/local/staging/deployByRepositoryId/comliumapp-1007/com/liumapp/DNSQueen/1.0.0/DNSQueen-1.0.0.pom
Uploaded: https://oss.sonatype.org:443/service/local/staging/deployByRepositoryId/comliumapp-1007/com/liumapp/DNSQueen/1.0.0/DNSQueen-1.0.0.pom (6 KB at 4.7 KB/sec)
Uploading: https://oss.sonatype.org:443/service/local/staging/deployByRepositoryId/comliumapp-1007/com/liumapp/DNSQueen/1.0.0/DNSQueen-1.0.0.jar.asc
Uploaded: https://oss.sonatype.org:443/service/local/staging/deployByRepositoryId/comliumapp-1007/com/liumapp/DNSQueen/1.0.0/DNSQueen-1.0.0.jar.asc (473 B at 1.6 KB/sec)
Uploading: https://oss.sonatype.org:443/service/local/staging/deployByRepositoryId/comliumapp-1007/com/liumapp/DNSQueen/1.0.0/DNSQueen-1.0.0-sources.jar
Uploaded: https://oss.sonatype.org:443/service/local/staging/deployByRepositoryId/comliumapp-1007/com/liumapp/DNSQueen/1.0.0/DNSQueen-1.0.0-sources.jar (17 KB at 13.6 KB/sec)
Uploading: https://oss.sonatype.org:443/service/local/staging/deployByRepositoryId/comliumapp-1007/com/liumapp/DNSQueen/1.0.0/DNSQueen-1.0.0-javadoc.jar
Uploaded: https://oss.sonatype.org:443/service/local/staging/deployByRepositoryId/comliumapp-1007/com/liumapp/DNSQueen/1.0.0/DNSQueen-1.0.0-javadoc.jar (131 KB at 18.6 KB/sec)
[INFO] * Upload of locally staged artifacts finished.
[INFO] * Closing staging repository with ID "comliumapp-1007".
Waiting for operation to complete.........
[INFO] Remote staged 1 repositories, finished with success.
[INFO] Remote staging repositories are being released...
Waiting for operation to complete..........
[INFO] Remote staging repositories released.
[INFO] ------------------------------------------------------------------------
[INFO] BUILD SUCCESS
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 01:33 min
[INFO] Finished at: 2017-07-20T14:08:53+08:00
[INFO] Final Memory: 31M/562M
[INFO] ------------------------------------------------------------------------
最后附一张私服截图:
欢迎来到这里!
我们正在构建一个小众社区,大家在这里相互信任,以平等 • 自由 • 奔放的价值观进行分享交流。最终,希望大家能够找到与自己志同道合的伙伴,共同成长。
注册 关于