why we need passphrase
faramir.cl at gmail.com
Sun Jun 29 05:29:00 CEST 2008
-----BEGIN PGP SIGNED MESSAGE-----
Afzal, Naeem M escribió:
> How can I remove this restriction where I don't have to provide passphrase and public key itself is good enough?
The public key is never protected by the passphrase ( *as far as I
know* I may be wrong), so anyway it should be safe to upload it. To
remove the passphrase... _I think_ the command is:
gpg --edit-key 12WP8CAQ (12WP8CAQ must be replaced by your key's ID)
then it should ask your passphrase, and then ask you to enter the new
passphrase (it ask it 2 times, as usual, to be sure you are not
I figure if you don't hit any key, and answer by hitting "enter", it
should assume you want a blank passphrase... But don't belive too much,
I seldom use command line with gpg (I manage my keys from GPGkeys or
Enigmail), and certainly, I have never removed a passphrase...
There are expert people in this list (actually, developers), advanced
users, and I am just a new user, so I still have a lot to learn about this.
P.S: always backup your key, or at least, make a revocation
certificate... just in case you need to revoke it and make a new one...
>> -----Original Message-----
>> From: gnupg-users-bounces at gnupg.org [mailto:gnupg-users-bounces at gnupg.org]
>> On Behalf Of Faramir
>> Sent: Saturday, June 28, 2008 11:08 AM
>> To: gnupg-users at gnupg.org
>> Subject: Re: why we need passphrase
>> Because the key itself is protected by a passphrase. You CAN remove
>> that protection, and you can even generate keys without passphrase.. but
>> the idea is, if you have to go to the bathroom, and someone else tries
>> to read your messages, or steal your key... the thief won't have much
>> luck, since if the passphrase is strong, he wont be able to activate the
>> key... unless the thief is lucky enough to "guess" the passphrase
>> hitting the keyboard randomly...
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
More information about the Gnupg-users