private key protection

Jerome Baum jerome at jeromebaum.com
Tue Oct 18 14:10:07 CEST 2011


>> I'm going to lean very far out the window and assume he meant the actual
>> private key, not the private key-ring/-file/...
> 
> I'm not sure I understand the distinction you're making there.

One is protected with a passphrase (i.e. it's encrypted), the other is
in the clear.

If I manage to steal your private keyring, then yes the very strong
passphrase should grind my attempts to steal your key to a halt. If I
manage to steal your private _key_ OTOH, I don't need to get past your
passphrase as that doesn't come into play.

cf. "Your private key being stolen isn't really that big of a deal."

-- 
PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA
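
Added example, not part of the original message: a small check of whether the secret-key packets in an exported OpenPGP key are stored passphrase-protected or in the clear, which is the distinction drawn above. It assumes RFC 4880 version 4 RSA, DSA or Elgamal keys; `sample_packet` and its dummy values are constructed for illustration and contain no real key material.

```python
PUBLIC_MPIS = {1: 2, 2: 2, 3: 2, 16: 3, 17: 4}  # public MPI count: RSA, Elgamal, DSA

def read_packet(data, pos):
    """Return (tag, body, next_pos) for the OpenPGP packet starting at pos."""
    first = data[pos]
    if not first & 0x80:
        raise ValueError("not an OpenPGP packet")
    if first & 0x40:                       # new-format header
        tag, o1 = first & 0x3F, data[pos + 1]
        if o1 < 192:
            length, hdr = o1, 2
        elif o1 < 224:
            length, hdr = ((o1 - 192) << 8) + data[pos + 2] + 192, 3
        elif o1 == 255:
            length, hdr = int.from_bytes(data[pos + 2:pos + 6], "big"), 6
        else:
            raise ValueError("partial body lengths not handled")
    else:                                  # old-format header
        tag, size = (first >> 2) & 0x0F, 1 << (first & 0x03)
        if size == 8:
            raise ValueError("indeterminate length not handled")
        length, hdr = int.from_bytes(data[pos + 1:pos + 1 + size], "big"), 1 + size
    return tag, data[pos + hdr:pos + hdr + length], pos + hdr + length

def s2k_usage(body):
    """Return the string-to-key usage octet of a v4 secret-key packet body."""
    if body[0] != 4 or body[5] not in PUBLIC_MPIS:
        raise ValueError("only v4 RSA/DSA/Elgamal keys handled")
    pos = 6                                # version (1) + creation time (4) + algorithm (1)
    for _ in range(PUBLIC_MPIS[body[5]]):  # skip each public MPI: 2-octet bit count + value
        pos += 2 + (int.from_bytes(body[pos:pos + 2], "big") + 7) // 8
    return body[pos]                       # 0 means the secret MPIs follow unencrypted

def audit(data):
    """List (tag, 'cleartext' | 'protected') for each secret key or subkey packet."""
    pos, report = 0, []
    while pos < len(data):
        tag, body, pos = read_packet(data, pos)
        if tag in (5, 7):                  # 5 = secret key, 7 = secret subkey
            report.append((tag, "cleartext" if s2k_usage(body) == 0 else "protected"))
    return report

def sample_packet(tag, usage):
    """Constructed old-format packet with dummy RSA MPIs; not real key material."""
    body = b"\x04" + bytes(4) + b"\x01" + b"\x00\x10\xc1\x23" + b"\x00\x11\x01\x00\x01"
    body += bytes([usage]) + bytes(8)      # usage octet, then dummy trailing bytes
    return bytes([0x80 | (tag << 2), len(body)]) + body

print(audit(sample_packet(5, 254) + sample_packet(7, 0)))
```

To check a real key, pass `audit` the binary output of `gpg --export-secret-keys`; any packet reported as `cleartext` holds key material that no passphrase stands in front of.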