Changing passphrase parameters (s2k options)

Peter Lebbing peter at
Mon Jan 23 13:34:46 CET 2017

On 23/01/17 12:54, John Lane wrote:
> Ok, so - if I understand you correctly - when I *export* the secret key
> I can choose which algorithms are applied to the exported copy ?

No, I meant that the bug report (turned feature request) is about
choosing the options for export. As long as the bug is open, it's not
possible to change it for export either.

However, in your initial mail you said:
> When I tried to experiment with the `--s2k` options, attempting to
> change the passphrase on my key, I found that they were ignored.

>From "chang[ing] the passphrase" I inferred you were talking about how
the key is stored in the keyring, not about exporting the secret key.

What are you trying to do? Change the encryption on an exported private
key or changing the encryption of the private key store of GnuPG?

(FWIW, I don't think you can currently do either. Possibly you can
change the s2k-count via the agent protocol, but that might not pertain
to the private key store, I just don't know).



I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <>

More information about the Gnupg-users mailing list