ProHoster > Блог > labaran intanet > Sakin GnuPG 2.2.17 tare da sauye-sauye don magance kai hari akan sabar maɓalli

Sakin GnuPG 2.2.17 tare da sauye-sauye don magance kai hari akan sabar maɓalli

aka buga sakin kayan aiki GnuPG 2.2.17 (GNU Privacy Guard), mai jituwa tare da ka'idojin OpenPGP (BA-4880) da S/MIME, kuma yana ba da kayan aiki don ɓoye bayanan, aiki tare da sa hannun lantarki, sarrafa maɓalli da samun dama ga shagunan maɓalli na jama'a. Ka tuna cewa reshen GnuPG 2.2 yana matsayi azaman sakin ci gaba wanda a ciki ake ci gaba da ƙara sabbin abubuwa; gyare-gyare kawai ana ba da izinin a cikin reshen 2.1.

Sabon batun ya ba da shawarar matakan magancewa kai hari kan maɓallan sabar, yana haifar da rataye GnuPG da rashin iya ci gaba da aiki har sai an goge takardar shaidar matsala daga kantin gida ko kuma an sake ƙirƙira shagon takaddun shaida bisa ingantattun maɓallan jama'a. Ƙarin kariyar ya dogara ne akan yin watsi da gaba ɗaya ta tsohuwa duk sa hannun dijital na ɓangare na uku na takaddun shaida da aka karɓa daga sabar ma'ajiyar maɓalli. Bari mu tuna cewa kowane mai amfani zai iya ƙara sa hannu na dijital don takaddun shaida na sabani a cikin uwar garken maɓalli na ma'auni, wanda maharan ke amfani da shi don ƙirƙirar adadi mai yawa na irin waɗannan sa hannun (fiye da dubu ɗari) don takardar shaidar wanda aka azabtar, sarrafa su. yana rushe aikin GnuPG na yau da kullun.

Yin watsi da sa hannun dijital na ɓangare na uku ana tsara shi ta zaɓin "kai-sigs-kawai", wanda ke ba da damar sanya sa hannun masu ƙirƙira kawai don lodawa don maɓalli. Don dawo da tsohuwar ɗabi'a, zaku iya ƙara saitin "keyserver-options no-self-sigs-only,no-shigo-tsabta" saitin zuwa gpg.conf. Haka kuma, idan a lokacin aiki an gano shigo da tubalan da yawa, wanda zai haifar da ambaliya na ma'ajiyar gida (pubring.kbx), maimakon nuna kuskure, GnuPG ta atomatik yana kunna yanayin yin watsi da sa hannu na dijital ("kai-sigs). -kawai, shigo da-tsabta")).

Don sabunta maɓallai ta amfani da injin Jagorar Mabuɗin Yanar Gizo (WKD) Ƙara wani zaɓi na "-locate-external-key" wanda za'a iya amfani dashi don sake ƙirƙirar kantin sayar da takaddun shaida bisa ingantattun maɓallan jama'a. Lokacin yin aikin "--auto-key-retrieve", yanzu an fi son tsarin WKD akan sabar maɓalli. Mahimmancin WKD shine sanya maɓallan jama'a akan gidan yanar gizo tare da hanyar haɗi zuwa yankin da aka ƙayyade a cikin adireshin gidan waya. Misali, ga address"[email kariya]"Za a iya sauke maɓallin ta hanyar haɗin yanar gizon" https://example.com/.well-known/openpgpkey/hu/183d7d5ab73cfceece9a5594e6039d5a".

source: budenet.ru

Add a comment