How to decide which private key to use?

Neil Williams linux at
Tue Dec 7 01:10:31 CET 2004

On Saturday 04 December 2004 6:31 pm, Ramon F Herrera wrote:
> I am using the GPGme library to write a program that
> will decrypt files.  The files to be decrypted are
> encrypted with exactly one out of of three keys.

If one machine is decrypting all messages, why not have one passphrase for all 
three keys?

Why use three keys? The machine running the program has to be secure - 
otherwise you are exposing three keys to compromise instead of just one.

Any time you store passphrases for an automated process, it's as bad as having 
no passphrase at all. Anyone who gains access to the machine can locate the 
stored passphrase and the secret key file.

You wouldn't put a file 'root-password.txt' in your user directory.


Neil Williams
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : /pipermail/attachments/20041207/293b3963/attachment-0001.bin

More information about the Gnupg-users mailing list