密码管理软件keepass及GPG文件验证
密码管理工具keepass及keepassXC
https://keepass.info/download.html
https://keepassxc.org/download/
相比较于1P,lastpass,keepass采用另外一种方式,开发人员也很强,对于它的使用方完全不逊色于前者。
因为keepassC#开发,只支持Win版本,所有再开发的keepassx和keepassXC,目前用keepassXC和对应得chrome插件搭配使用。对于移动端,可以参考下载使用。IOS上,KeePassium只支持icloud同步,fantasy目前来说,体验还可以,strongbox还好,主要使免费版本不支持faceID开启,KeePassium和strongbox的付费比fantasy贵很多。
下载的gpg文件验证
Linux下验证gpg文件
GnuPG
(GPG) 是 基于 OpenPGP
(由 RFC4880 定义,也被称为 PGP
) 的一个完整的和免费的实现。我们可以使用 GPG
来对我们的数据和通信进行加密(encrypt)和签名(sign), 它具有通用的密钥管理系统,以及各种公钥目录的访问模块。我们可以很容易地使用 GPG
提供的命令行工具 (当前它还提供不同平台下的图形界面工具 frontends, 以及库文件 libraries) 与其他的应用进行结合。同时还对 S/MIME
和 SSH(Security Shell)
提供支持.
Linux 命令行,掌握命令行,Window (Gpg4win
)等其他客户端
安装客户端后可测试,gpg --help。
gpg --output doc.sig --sign doc gpg --output doc --decrypt doc.sig
验证步骤
- 下载文件:https://keepassxc.org/download/,KeePassXC-2.7.1-Win64.zip.sig,KeePassXC-2.7.1-Win64.zip,https://keepassxc.org/keepassxc_master_signing_key.asc,下载这三个文件,后面会用到。
- 帮助文件网址:https://keepassxc.org/verifying-signatures/
- 导入public key
- 官方提供的方式
- 方法一:gpg --keyserver keys.openpgp.org --recv-keys CFB4C2166397D0D2
- 方法二:gpg --fetch-keys https://keepassxc.org/keepassxc_master_signing_key.asc
- 方法三:下载文件 https://keepassxc.org/keepassxc_master_signing_key.asc,然后 gpg --import keepassxc_master_signing_key.asc
gpg --import keepassxc_master_signing_key.asc gpg: key CFB4C2166397D0D2: 1 duplicate signature removed gpg: key CFB4C2166397D0D2: 65 signatures not checked due to missing keys gpg: /home/xxx/.gnupg/trustdb.gpg: trustdb created gpg: key CFB4C2166397D0D2: public key "KeePassXC Release <release@keepassxc.org>" imported gpg: Total number processed: 1 gpg: imported: 1 gpg: no ultimately trusted keys found
- 然后查看一下:gpg --fingerprint CFB4C2166397D0D2,对比网址上的显示,是否一致
Desktop gpg --fingerprint CFB4C2166397D0D2 pub rsa4096 2017-01-03 [SC] BF5A 669F 2272 CF43 24C1 FDA8 CFB4 C216 6397 D0D2 uid [ unknown] KeePassXC Release <release@keepassxc.org> sub rsa2048 2017-01-03 [S] [expires: 2024-12-04] sub rsa2048 2017-01-03 [S] [expires: 2024-12-04]
- 然后开始验证:gpg --verify KeePassXC-2.7.1-Win64.zip.sig KeePassXC-2.7.1-Win64.zip
~Desktop gpg --verify KeePassXC-2.7.1-Win64.zip.sig KeePassXC-2.7.1-Win64.zip gpg: Signature made Wed Apr 6 11:18:04 2022 CST gpg: using RSA key C1E4CBA3AD78D3AFD894F9E0B7A66F03B59076A8 gpg: Good signature from "KeePassXC Release <release@keepassxc.org>" [unknown] gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: BF5A 669F 2272 CF43 24C1 FDA8 CFB4 C216 6397 D0D2 Subkey fingerprint: C1E4 CBA3 AD78 D3AF D894 F9E0 B7A6 6F03 B590 76A8
- 只要using RSA key和Subkey fingerprint一致就是正确的。