Change key prefs; few questions

David Shaw dshaw at
Sun Jul 3 17:45:33 CEST 2011

On Jul 3, 2011, at 10:58 AM, MFPA wrote:

> On Sunday 3 July 2011 at 3:24:15 PM, in
> <mid:FC521C32-4721-4721-930E-8536F83A2DE0 at>, David Shaw
> wrote:
>> This will set your private key cipher to AES:
>>   gpg --s2k-cipher-name aes --edit-key (thekey) passwd
>>   save
> Is there a reason to do this?

There are some obscure edge cases where you must have a 3DES or AES encrypted private key, but for the overwhelming majority of people, no, there is no reason to do this.  The default (CAST5) is quite strong (which the original poster acknowledged).  It's just helpful to know what the "knobs" are to understand how something as complex as OpenPGP is put together.


More information about the Gnupg-users mailing list