如何验证我是否真的在使用GPG和他的公钥与朋友聊天?
[英]How to verify whether I am really chatting with my friend using GPG and his public key?
问题描述
I am chatting with my friend via Skype chat and I want to know whether it is really my friend Bob on the other side. 
我正在通过Skype聊天与朋友聊天,我想知道对方是否真的是我的朋友Bob。 I have Bob's public key and I am 100% sure that this is real Bob's public key. 我有Bob的公钥,而且我100%确信这是真实的Bob的公钥。 How can I verify that this is really Bob who is chatting with me? 我该如何确认这确实是鲍勃在和我聊天?
a] I will ask the guy to send me a file signed by him. a]我会请那个家伙给我发送一个由他签名的文件。 Then I will verify the signature. 然后,我将验证签名。
b] I will send the guy a file signed by real Bob's public key and ask him to verify the file. b]我将给他发送一个用真实鲍勃的公钥签名的文件,并请他验证该文件。
c] I will send the guy a file and ask him to sign it. c]我将给他发送一个文件,并请他签名。 Then I will verify his signature. 然后,我将验证他的签名。
I think option A] makes sense. 我认为选项A]有意义。 Am I correct? 我对么? This is just a hypothetical situation. 这只是一种假设情况。
1 个解决方案
解决方案1
0 已采纳 2017-12-01 15:02:17
I would suggest the following: 我建议以下内容:
Your "friends" can encrypt messages using GPG: 您的“朋友”可以使用GPG加密邮件:
gpg --encrypt --sign --armor -r your-user-id some-message.txt
This will encrypt some-message.txt using your public key ( your-user-id ) and signs it with their own private key to guarantee that it is coming from them. 这将使用您的公钥( your-user-id )对some-message.txt进行加密,并使用自己的私钥对其进行签名,以确保它来自他们。
Provided you have already added their public key, when you receive the message, simply call GPG on the message file: 如果您已经添加了他们的公钥,则在收到消息时,只需在消息文件上调用GPG:
gpg some-message.txt
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.