Protect pubring.gpg and secring.gpg

David Vegano xploiting at
Fri Sep 5 23:16:10 CEST 2008

uhmm, i see...

and would I to encrypt the secring.gpg file? 

This form, if they intercept my passphrase (with a keylogger for example), they wouldn´t nothing to do.

It´s a goog idea encrypt secring.gpg file?


Go Vegan!My personal blogsite:
My vegan blogsite:

> Date: Fri, 5 Sep 2008 16:27:13 -0400
> From: at
> To: gnupg-users at
> Subject: Re: Protect pubring.gpg and secring.gpg
> Hash: SHA256
> David Vegano escribió:
> > 
> > Hello, i´m a new member of list, and i have a doubt.
>   Hello David, welcome!
> > Can someone to obtain my pass from the files pubring.gpg and secring.gpg??
>   I don't think so, remember the pass is to protect your private keys
> (stored in your secring.gpg)... so what you should be worried about is
> if they can access the keys... the pass is just the lock you use to
> protect them. The thing you use to encrypt or decrypt, it is the key,
> not the pass.
>   And the pubring is "public"... (Maybe you don't want people knowing if
> you have locally signed some public keys, but other than that, there is
> not "private" info in the pubring, as far as I know).
> > If this possible, how would I protecte these files?
>   First, don't use a password, use a passphrase (it's the same thing as
> a password, but it is composed of several words, and numbers, and it is
> better if the words can't be obtained from a dictionary). I mean, don't
> use "Enterprise" as the pass, use something like
> "TheEnterpriseIsTheBestSpaceship". But all those words can be found in a
> dictionary, and I didn't use any number... so that is not a good
> passphrase, it is just an example.
>   Anyway, you are in the right path, the passphrase is your last defense
> to protect your keys, the idea is to don't let strange people to have
> access to the files... And I don't know how to protect them, without
> knowing if you share your computer with somebody, what operating system
> you are using, and all that info.
>   Best Regards
> Version: GnuPG v1.4.9 (MingW32)
> Comment: Using GnuPG with Mozilla -
> 2uI8WYuaxYO6EhrOu7fc4cyrbcjbUHCfnpK1JxoqRGIVJiZMKA11MrAQhvKoa66J
> xb06nUbGVh7eNMY4y0+GenO5WpqMI+2kI2UZiiGriL6fA8zuMR3ddsUPEAul01bo
> mHkEfqNfUzskDn8gTxHpnvydC04ZFPAiqKKm31v8fW3idjdnKhrIiKXUXMw+QNnr
> =s5ig
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at

Express yourself instantly with MSN Messenger! Download today it's FREE!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20080905/b7971454/attachment.htm>

More information about the Gnupg-users mailing list