问题描述

我试图通过Web界面检查给定的公钥是否有效. bash命令gpg --import key.pub根据给定的密钥返回import successful/failed，但是出于自身的安全考虑，我不想使用$data = system("/usr/bin/gpg --import $key).有其他选择吗?

Through a web interface I'm trying to check if a given public key is valid or not. The bash command gpg --import key.pub returns import successful/failed based on the given key, but I don't want to use $data = system("/usr/bin/gpg --import $key) for my own security concerns. Is there an alternative?

推荐答案

好，我做了一些调试，这就是我发现的内容:

Ok, I've done a little debugging and this is what I've found:

nginx守护程序在nginx:nginx下运行，没有主目录，没有登录外壳程序

nginx daemon was running under nginx:nginx, no home dir, nologin shell

当我执行sudo -u nginx php -r "echo system("gpg -k");"

我得到了/home/nginx/.gnupg: directory does not exist!

所以我执行了以下操作:

So I've executed the following:

mkdir -p /home/nginx/.gnupg; chown -R nginx:nginx /home/nginx/

然后，测试是否可行:

sudo -u nginx php -r "echo system("gpg --homedir /home/nginx/.gnupg --dry-run --batch --import key.pub");

我已经输出了！

这篇关于检查GPG/PGP公钥是否有效的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！