why we need passphrase
Faramir
faramir.cl at gmail.com
Sun Jun 29 05:29:00 CEST 2008
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Afzal, Naeem M escribió:
> How can I remove this restriction where I don't have to provide passphrase and public key itself is good enough?
The public key is never protected by the passphrase ( *as far as I
know* I may be wrong), so anyway it should be safe to upload it. To
remove the passphrase... _I think_ the command is:
gpg --edit-key 12WP8CAQ (12WP8CAQ must be replaced by your key's ID)
(enter)
passwd
(enter)
then it should ask your passphrase, and then ask you to enter the new
passphrase (it ask it 2 times, as usual, to be sure you are not
mistyping it)
I figure if you don't hit any key, and answer by hitting "enter", it
should assume you want a blank passphrase... But don't belive too much,
I seldom use command line with gpg (I manage my keys from GPGkeys or
Enigmail), and certainly, I have never removed a passphrase...
There are expert people in this list (actually, developers), advanced
users, and I am just a new user, so I still have a lot to learn about this.
Best Regards
P.S: always backup your key, or at least, make a revocation
certificate... just in case you need to revoke it and make a new one...
>> -----Original Message-----
>> From: gnupg-users-bounces at gnupg.org [mailto:gnupg-users-bounces at gnupg.org]
>> On Behalf Of Faramir
>> Sent: Saturday, June 28, 2008 11:08 AM
>> To: gnupg-users at gnupg.org
>> Subject: Re: why we need passphrase
>>
>> Because the key itself is protected by a passphrase. You CAN remove
>> that protection, and you can even generate keys without passphrase.. but
>> the idea is, if you have to go to the bathroom, and someone else tries
>> to read your messages, or steal your key... the thief won't have much
>> luck, since if the passphrase is strong, he wont be able to activate the
>> key... unless the thief is lucky enough to "guess" the passphrase
>> hitting the keyboard randomly...
....
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iQEcBAEBCAAGBQJIZwF8AAoJEMV4f6PvczxAyrAH/2WzlEn74SO/A1EBiNOFj5yy
56u1F9XL+RRos6jm/BQpZAbSKWA18Em06wapSrJHd5vvpLJwjLLuk90MEcAlZxGg
tqibxHDO4x8hQB7XDWMuCL3dzKQ3858SdlxSCNChAI/gRGu6IT/an/stNtziRPmq
ot3AhvOcJjkcBj3dIPrht9MmyYivEmmo6eIQbHHXM3KXL0OCqWT3sM/wfk5HFLhq
7/+dKKGkGanWUUNaxINwURtwkP3X75fHYbRr7B/ueamzfC/0PHmRPTZrKX8PZZD1
288VjUU6vyDAFV27h50D7ESwETZ8QGAAM+tFfoghYTgpSvJ1i1zKFGjmbgyk52g=
=e32l
-----END PGP SIGNATURE-----
More information about the Gnupg-users
mailing list