a newbie question on passphrase to decrypt an encrypted file
Frank Tobin
ftobin@neverending.org
Thu Aug 23 02:47:01 2001
Dongping Deng, at 17:06 -0700 on Wed, 22 Aug 2001, wrote:
I installed gpg (win32) on my machine running NT. I generated my key
with my passphrase. When I encrypted a file, it asked me for the
passphrase. But when I decrypted it, it didn't ask me for the
passphrase at all. This sounds scary to me. I can't seem to find the
answer from various documents. Don't you have to type in your
passphrase to decrypt a file?
Since when one encrypts files, one doesn't need to to access the secret
key (and hence, enter a passphrase), I think what you did in the first
step was sign your message, not encrypt it. Signing a message requires
access to your secret key.
Also, since verifying signed documents does not require access to your
secret key, I think that this is what you did in your second step. That
is, you didn't decrypt, but rather verify a signature.
--
Frank Tobin http://www.neverending.org/~ftobin/