{"id":790,"date":"2020-12-05T08:03:24","date_gmt":"2020-12-05T00:03:24","guid":{"rendered":"https:\/\/www.datarelab.com\/blog\/?p=790"},"modified":"2020-12-05T08:03:24","modified_gmt":"2020-12-05T00:03:24","slug":"nitrokey-pro-%e4%bd%bf%e7%94%a8%e6%96%b9%e6%b3%95","status":"publish","type":"post","link":"https:\/\/www.datarelab.com\/blog\/Technical_literature\/790.html","title":{"rendered":"Nitrokey Pro \u4f7f\u7528\u65b9\u6cd5"},"content":{"rendered":"

Windows\u7ba1\u7406Nitrokey Pro\u4f7f\u7528Gpg4win\uff08https:\/\/gpg4win.org\/\uff09\uff0c\u6b64\u5de5\u5177\u4f1a\u81ea\u52a8\u5b89\u88c5GnuPG\uff0c\u8bbe\u7f6eNitrokey Pro\u4fe1\u606f\u7684\u65f6\u5019\u4f1a\u7528\u5230GnuPG\u7684\u547d\u4ee4\u884c\u5de5\u5177\u3002<\/p>\n

 <\/p>\n

GnuPG<\/strong>\u547d\u4ee4\u884c\u8bf4\u660e<\/strong><\/p>\n

gpg --card-status \u67e5\u770b\u667a\u80fd\u5361\u72b6\u6001<\/p>\n

gpg --card-edit \u7f16\u8f91\u667a\u80fd\u5361<\/p>\n

fetch \u53ef\u4ee5\u4ece\u8bbe\u7f6e\u7684url\u4e2d\u83b7\u53d6\u516c\u94a5<\/p>\n

admin \u663e\u793a\u7ba1\u7406\u547d\u4ee4<\/p>\n

passwd \u53ef\u4ee5\u4fee\u6539PIN\u4e0eAdmin PIN\u7801<\/p>\n

gpg --export-ssh-key ************************* \u5bfc\u51fassh\u7528\u7684\u516c\u94a5\uff08\u7b26\u5408ssh\u7684\u89c4\u8303\uff09<\/p>\n

 <\/p>\n

\u8bbe\u7f6e\u8bb0\u5f55<\/strong><\/p>\n

\u9ed8\u8ba4PIN(\u7528\u4e8e\u65e5\u5e38\u64cd\u4f5c\uff0c\u5982\u89e3\u9501\u4ee4\u724c\uff0c\u7b7e\u540d\u548c\u52a0\u89e3\u5bc6\u7b49)\uff1a123456<\/p>\n

\u9ed8\u8ba4Admin PIN\uff1a12345678<\/p>\n

\u91cd\u7f6e\u7801\uff1a(*******************)\u7528\u6237\u91cd\u7f6ePIN<\/p>\n

name: myname<\/p>\n

url: http:\/\/keyserver.ubuntu.com\/pks\/lookup?op=get&fingerprint=on&search=0xF83BB3599EF21740<\/a> (\u7528ubuntu\u7684\u901f\u5ea6\u6bd4\u8f83\u5feb)<\/p>\n

lang: cn<\/p>\n

sex: M<\/p>\n

login: username<\/p>\n

 <\/p>\n

\u6362\u5230\u5176\u5b83\u7535\u8111\u4e0a\u4f7f\u7528Nitrokey Pro\u65f6\u5019\uff0c\u8981\u5148\u5bfc\u5165\u5bf9\u5e94\u7684\u516c\u94a5\uff0c\u5426\u5219gpg\u65e0\u6cd5\u4f7f\u7528Nitrokey Pro\u3002<\/p>\n

 <\/p>\n

\u5982\u679c\u5fd8\u4e86Nitrokey Pro\u7684\u5bc6\u7801\u5b98\u65b9\u63d0\u4f9b\u4e86\u4e00\u4e2a\u5de5\u5177\uff08CryptoStickReset.exe\uff09\uff0c\u53ef\u4ee5\u521d\u59cb\u5316\uff08\u5f88\u5f7b\u5e95\u548c\u65b0\u4e70\u7684\u4e00\u6837\uff09\u3002<\/p>\n

 <\/p>\n

\u53c2\u8003<\/strong><\/p>\n

https:\/\/raymii.org\/s\/articles\/Nitrokey_Start_Getting_started_guide.html<\/a><\/p>\n

https:\/\/www.nitrokey.com\/de\/putty<\/a><\/p>\n

 <\/p>\n

 <\/p>\n

--------------------------------<\/strong>\u5176\u5b83--------------------------------<\/strong><\/p>\n

\u4fee\u6539\u4fe1\u4efb<\/h2>\n

$ gpg --edit-key <Uid><\/p>\n

gpg (GnuPG) 1.4.11; Copyright (C) 2010 Free Software Foundation, Inc.<\/p>\n

This is free software: you are free to change and redistribute it.<\/p>\n

There is NO WARRANTY, to the extent permitted by law.<\/p>\n

 <\/p>\n

pub\u00a0 1024D\/6EDA5E6F\u00a0 created: 2013-08-29\u00a0 expires: never\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 usage: SCA<\/p>\n

trust: full\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 validity: unknown<\/p>\n

sub\u00a0 1024g\/32E0CB1C\u00a0 created: 2013-08-29\u00a0 expires: never\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 usage: E<\/p>\n

[ unknown] (1). <Uid><\/p>\n

 <\/p>\n

gpg> trust<\/p>\n

pub\u00a0 1024D\/6EDA5E6F\u00a0 created: 2013-08-29\u00a0 expires: never\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 usage: SCA<\/p>\n

trust: full\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 validity: unknown<\/p>\n

sub\u00a0 1024g\/32E0CB1C\u00a0 created: 2013-08-29\u00a0 expires: never\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 usage: E<\/p>\n

[ unknown] (1). <Uid><\/p>\n

 <\/p>\n

Please decide how far you trust this user to correctly verify other users' keys<\/p>\n

(by looking at passports, checking fingerprints from different sources, etc.)<\/p>\n

 <\/p>\n

1 = I don't know or won't say<\/p>\n

2 = I do NOT trust<\/p>\n

3 = I trust marginally<\/p>\n

4 = I trust fully<\/p>\n

5 = I trust ultimately<\/p>\n

m = back to the main menu<\/p>\n

 <\/p>\n

Your decision? 5<\/p>\n

Do you really want to set this key to ultimate trust? (y\/N) y<\/p>\n

 <\/p>\n

pub\u00a0 1024D\/6EDA5E6F\u00a0 created: 2013-08-29\u00a0 expires: never\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 usage: SCA<\/p>\n

trust: ultimate\u00a0\u00a0\u00a0\u00a0\u00a0 validity: unknown<\/p>\n

sub\u00a0 1024g\/32E0CB1C\u00a0 created: 2013-08-29\u00a0 expires: never\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 usage: E<\/p>\n

[ unknown] (1). <Uid><\/p>\n

Please note that the shown key validity is not necessarily correct<\/p>\n

unless you restart the program.<\/p>\n

 <\/p>\n

gpg> quit<\/p>\n

 <\/p>\n

\u5c06\u4ee5\u6709\u5bc6\u94a5\u5bfc\u5165\u5230Nitrokey Pro\u4e2d<\/h2>\n

$ gpg --edit-key 559C215F<\/p>\n

gpg (GnuPG) 1.4.9; Copyright (C) 2008 Free Software Foundation, Inc.<\/p>\n

This is free software: you are free to change and redistribute it.<\/p>\n

There is NO WARRANTY, to the extent permitted by law.<\/p>\n

 <\/p>\n

Secret key is available.<\/p>\n

 <\/p>\n

pub\u00a0 1024D\/559C215F\u00a0 created: 2009-05-04\u00a0 expires: never\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 usage: SC<\/p>\n

trust: ultimate\u00a0\u00a0\u00a0\u00a0\u00a0 validity: ultimate<\/p>\n

sub\u00a0 2048g\/5457F4E7\u00a0 created: 2009-05-04\u00a0 expires: never\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 usage: E<\/p>\n

sub\u00a0 1024R\/E1D9B30D\u00a0 created: 2009-05-13\u00a0 expires: never\u00a0\u00a0 \u00a0\u00a0\u00a0\u00a0usage: S<\/p>\n

sub\u00a0 1024R\/EDDA691E\u00a0 created: 2009-05-13\u00a0 expires: never\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 usage: E<\/p>\n

[ultimate] (1). Martin Gollowitzer (Testing environment) <gollo@fsfe.org><\/p>\n

 <\/p>\n

Command> toggle<\/p>\n

 <\/p>\n

sec\u00a0 1024D\/559C215F\u00a0 created: 2009-05-04\u00a0 expires: never<\/p>\n

ssb\u00a0 2048g\/5457F4E7\u00a0 created: 2009-05-04\u00a0 expires: never<\/p>\n

ssb\u00a0 1024R\/E1D9B30D\u00a0 created: 2009-05-13\u00a0 expires: never<\/p>\n

ssb\u00a0 1024R\/EDDA691E\u00a0 created: 2009-05-13\u00a0 expires: never<\/p>\n

(1)\u00a0 Martin Gollowitzer (Testing environment) <gollo@fsfe.org><\/p>\n

 <\/p>\n

Command> key 2<\/p>\n

 <\/p>\n

sec\u00a0 1024D\/559C215F\u00a0 created: 2009-05-04\u00a0 expires: never<\/p>\n

ssb\u00a0 2048g\/5457F4E7\u00a0 created: 2009-05-04\u00a0 expires: never<\/p>\n

ssb* 1024R\/E1D9B30D\u00a0 created: 2009-05-13\u00a0 expires: never<\/p>\n

ssb\u00a0 1024R\/EDDA691E\u00a0 created: 2009-05-13\u00a0 expires: never<\/p>\n

(1)\u00a0 Martin Gollowitzer (Testing environment) <gollo@fsfe.org><\/p>\n

 <\/p>\n

Command> keytocard<\/p>\n

Signature key ....: [none]<\/p>\n

Encryption key....: [none]<\/p>\n

Authentication key: [none]<\/p>\n

 <\/p>\n

Please select where to store the key:<\/p>\n

(1) Signature key<\/p>\n

(3) Authentication key<\/p>\n

Your selection? 1<\/p>\n

 <\/p>\n

You need a passphrase to unlock the secret key for<\/p>\n

user: \"Martin Gollowitzer (Testing environment) <gollo@fsfe.org>\"<\/p>\n

1024-bit RSA key, ID E1D9B30D, created 2009-05-13<\/p>\n

 <\/p>\n

gpg: generating new key<\/p>\n

gpg: 3 Admin PIN attempts remaining before card is permanently locked<\/p>\n

 <\/p>\n

Admin PIN<\/p>\n

 <\/p>\n

sec\u00a0 1024D\/559C215F\u00a0 created: 2009-05-04\u00a0 expires: never<\/p>\n

ssb\u00a0 2048g\/5457F4E7\u00a0 created: 2009-05-04\u00a0 expires: never<\/p>\n

ssb* 1024R\/E1D9B30D\u00a0 created: 2009-05-13\u00a0 expires: never<\/p>\n

card-no: 0001 00000229<\/p>\n

ssb\u00a0 1024R\/EDDA691E\u00a0 created: 2009-05-13\u00a0 expires: never<\/p>\n

(1)\u00a0 Martin Gollowitzer (Testing environment) <gollo@fsfe.org><\/p>\n

 <\/p>\n

Command> key 2<\/p>\n

 <\/p>\n

sec\u00a0 1024D\/559C215F\u00a0 created: 2009-05-04\u00a0 expires: never<\/p>\n

ssb\u00a0 2048g\/5457F4E7\u00a0 created: 2009-05-04\u00a0 expires: never<\/p>\n

ssb\u00a0 1024R\/E1D9B30D\u00a0 created: 2009-05-13\u00a0 expires: never<\/p>\n

card-no: 0001 00000229<\/p>\n

ssb\u00a0 1024R\/EDDA691E\u00a0 created: 2009-05-13\u00a0 expires: never<\/p>\n

(1)\u00a0 Martin Gollowitzer (Testing environment) <gollo@fsfe.org><\/p>\n

 <\/p>\n

Command> key 3<\/p>\n

 <\/p>\n

sec\u00a0 1024D\/559C215F\u00a0 created: 2009-05-04\u00a0 expires: never<\/p>\n

ssb\u00a0 2048g\/5457F4E7\u00a0 created: 2009-05-04\u00a0 expires: never<\/p>\n

ssb\u00a0 1024R\/E1D9B30D\u00a0 created: 2009-05-13\u00a0 expires: never<\/p>\n

card-no: 0001 00000229<\/p>\n

ssb* 1024R\/EDDA691E\u00a0 created: 2009-05-13\u00a0 expires: never<\/p>\n

(1)\u00a0 Martin Gollowitzer (Testing environment) <gollo@fsfe.org><\/p>\n

 <\/p>\n

Command> keytocard<\/p>\n

Signature key ....: [none]<\/p>\n

Encryption key....: [none]<\/p>\n

Authentication key: [none]<\/p>\n

 <\/p>\n

Please select where to store the key:<\/p>\n

(2) Encryption key<\/p>\n

Your selection? 2<\/p>\n

 <\/p>\n

You need a passphrase to unlock the secret key for<\/p>\n

user: \"Martin Gollowitzer (Testing environment) <gollo@fsfe.org>\"<\/p>\n

1024-bit RSA key, ID EDDA691E, created 2009-05-13<\/p>\n

 <\/p>\n

gpg: generating new key<\/p>\n

 <\/p>\n

sec\u00a0 1024D\/559C215F\u00a0 created: 2009-05-04\u00a0 expires: never<\/p>\n

ssb\u00a0 2048g\/5457F4E7\u00a0 created: 2009-05-04\u00a0 expires: never<\/p>\n

ssb\u00a0 1024R\/E1D9B30D\u00a0 created: 2009-05-13\u00a0 expires: never<\/p>\n

card-no: 0001 00000229<\/p>\n

ssb* 1024R\/EDDA691E\u00a0 created: 2009-05-13\u00a0 expires: never<\/p>\n

card-no: 0001 00000229<\/p>\n

(1)\u00a0 Martin Gollowitzer (Testing environment) <gollo@fsfe.org><\/p>\n

 <\/p>\n

Command> save<\/p>\n

 <\/p>\n","protected":false},"excerpt":{"rendered":"

Windows\u7ba1\u7406Nitrokey Pro\u4f7f\u7528Gpg4win\uff08https:\/\/gpg4win.org\/\uff09\uff0c\u6b64\u5de5 […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[185,186,184,183],"class_list":["post-790","post","type-post","status-publish","format-standard","hentry","category-Technical_literature","tag-gnupg","tag-gpg","tag-gpg4win","tag-nitrokey"],"views":1684,"_links":{"self":[{"href":"https:\/\/www.datarelab.com\/blog\/wp-json\/wp\/v2\/posts\/790","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.datarelab.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.datarelab.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.datarelab.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.datarelab.com\/blog\/wp-json\/wp\/v2\/comments?post=790"}],"version-history":[{"count":0,"href":"https:\/\/www.datarelab.com\/blog\/wp-json\/wp\/v2\/posts\/790\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.datarelab.com\/blog\/wp-json\/wp\/v2\/media?parent=790"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.datarelab.com\/blog\/wp-json\/wp\/v2\/categories?post=790"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.datarelab.com\/blog\/wp-json\/wp\/v2\/tags?post=790"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}