Several master keys vs. master key ,and subkeys

Sin Trenton biggles.trenton at
Tue Jul 16 18:04:31 CEST 2013

On 2013-07-16 15:32, Werner Koch wrote:
>> You have a version B of your key, with a different password than
>> version A (where the primary key is still present)? Not that one
>> particular subkey per se has a different password?
> Usually this does not happen because GnuPG < 2.1 has no feature to merge
> secret subkeys.
>> If I were to create two different signing subkeys (usage:S), not sure
>> why, but still, I could give them different passwords?
> Yes.  The passphrtase protects the secret part of each key.  It just
> happens that gpg always syncs them to work withnthe same passphrase.
>> If you _can_ assign a separate, different password to a particular
>> subkey, I assume it is done under --edit-key, but how?
> You can't without hacking the code or making advanced use of gpgsplit.

Ah, so even if technically simplified, my previous understanding was 
basically correct. Thank you very much for this clarification, very useful!

> Okay.  I have my public key on all of my boxes because I use it to
> encrypt the backups (actually I encrypt the backups to several keys).

Which is basically the same then, though I may have fewer boxes (3, with 
mobile included, if we really should count it as a box) :)

>> The reason for 3 and 4 is that I discovered that during the day, I
>> more often want to _encrypt_ something to myself, a file or a short
>> piece of text, in various situations. It can be before uploading a
>> diary note or a customer file to Dropbox or pretty much just
> That is the cool thing with public key crypto.

+1! The day the practical possibilities of this dawned on me was a day 
of awsumness.


Sin T.

More information about the Gnupg-users mailing list