Troubleshooting GPG Key Generation Errors


While testing GPG key creation today I kept running into problems. I am recording the fixes below so that it will be much simpler the next time:

host2:~ # gpg --gen-key
gpg (GnuPG) 2.0.9; Copyright (C) 2008 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Please select what kind of key you want:
(1) DSA and Elgamal (default)
(2) DSA (sign only)
(5) RSA (sign only)
Your selection?
DSA keypair will have 1024 bits.
ELG keys may be between 1024 and 4096 bits long.
What keysize do you want? (2048)
Requested keysize is 2048 bits
Please specify how long the key should be valid.
0 = key does not expire
<n>  = key expires in n days
<n>w = key expires in n weeks
<n>m = key expires in n months
<n>y = key expires in n years
Key is valid for? (0)
Key does not expire at all
Is this correct? (y/N) y

You need a user ID to identify your key; the software constructs the user ID
from the Real Name, Comment and Email Address in this form:
"Heinrich Heine (Der Dichter) <>"

Real name: Figqaro Yang
Email address:
Comment: IT
You selected this USER-ID:
"Figqaro Yang (IT) <>"

Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O
You need a Passphrase to protect your secret key.

can't connect to `/root/.gnupg/S.gpg-agent': No such file or directory  ==> Problem 1: gpg cannot connect to gpg-agent
gpg-agent[11017]: directory `/root/.gnupg/private-keys-v1.d' created
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy. ==> Problem 2: the system reports that it does not currently have enough random bytes

Problem 1 can be solved by creating a script on the system that starts gpg-agent:


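#!/bin/bash
# Start gpg-agent daemon and create symbolic link in $HOME/.gnupg/S.gpg-agent

# Name of the socket that gpg-agent creates under /tmp/gpg-*/
SOCKET_NAME=S.gpg-agent

# pidof exits with status 1 when no gpg-agent process is running
PID=`pidof gpg-agent`
STATUS=$?

if [ "$STATUS" -eq 1 ]; then
    echo "Start gpg-agent daemon."
    gpg-agent --allow-preset-passphrase --daemon
else
    echo "gpg-agent already running."
fi

# Locate the agent socket and link it to the path gpg expects
SOCKET_FILE=`find /tmp/gpg-* -name "$SOCKET_NAME"`
echo "setup socket file link."
cp -fs "$SOCKET_FILE" "$HOME/.gnupg/S.gpg-agent"

# setup directory permission
chmod 0700 "$HOME/.gnupg"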

So running the script above before running the gpg command is enough to solve the problem of gpg-agent not being found.
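On a host with more than one account, the `find /tmp/gpg-*` in the script can return several paths, or a socket in a directory that belongs to another user. The following added example (not part of the original post) selects the socket more strictly before linking it; it assumes GnuPG 2.0.x on Linux with GNU `stat`, and `pick_agent_socket` and `link_agent_socket` are hypothetical helper names. It uses `ln -sfn` where the script above uses `cp -fs`.

```shell
#!/bin/bash
# Added example, not from the original post.
# Assumption: gpg-agent --daemon (GnuPG 2.0.x) creates its socket as
# /tmp/gpg-XXXXXX/S.gpg-agent. Helper names are hypothetical.

# Print the single usable agent socket found under base directory $1.
# Returns 1 if no socket qualifies, 2 if more than one does.
pick_agent_socket() {
    base=${1:-/tmp}
    found=""
    count=0
    for cand in "$base"/gpg-*/S.gpg-agent; do
        dir=$(dirname "$cand")
        [ -S "$cand" ] || continue                      # must be a socket
        [ -L "$dir" ] && continue                       # directory must not be a symlink
        [ -O "$dir" ] && [ -O "$cand" ] || continue     # both owned by the current user
        [ "$(stat -c %a "$dir")" = "700" ] || continue  # directory must be private
        found=$cand
        count=$((count + 1))
    done
    [ "$count" -eq 0 ] && return 1
    [ "$count" -gt 1 ] && return 2
    printf '%s\n' "$found"
}

# Link the selected socket into the GnuPG home ($2, default $HOME/.gnupg).
link_agent_socket() {
    gnupg_home=${2:-$HOME/.gnupg}
    picked=$(pick_agent_socket "$1") || return $?
    mkdir -p "$gnupg_home" && chmod 0700 "$gnupg_home" || return 1
    ln -sfn "$picked" "$gnupg_home/S.gpg-agent"
}
```

After starting the agent, call `link_agent_socket /tmp`; a return status of 2 means several agents owned by the same user are running and the stale ones should be stopped first.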

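Problem 2 is simpler to solve. When there are not enough random bytes, you can type on the keyboard, move the mouse, or, fastest of all, install and remove packages; all of these quickly accumulate random bytes. Of course, the GPG key can still be generated if you do nothing, but there is no telling how many days you would have to wait.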

  1. randy
    April 7, 2011 15:34 | #1


    hint: cp -fs $GPG_SOCKET_FILE … should be changed to
    cp -fs $SOCKET_FILE … or SOCKET_FILE=`…` to GPG_SOCKET_FILE=`…`

    — randy

  2. April 7, 2011 15:51 | #2

    Thank randy ..
