changing the passphrase of the secret key stored in the GnuPG card

Peter Lebbing peter at
Sun Jun 11 22:00:00 CEST 2017

On 11/06/17 21:48, Matthias Apitz wrote:
> My question remains: How can I change (or verify) the above Passphrase I
> have used?

Ah! That's the encryption of the backup key, not of the secret key
stored in the smart card. Well, it's ultimately the same key, but it's
not the copy of it stored in the smart card but rather the copy stored
in the backup file.

That's actually a difficult question, since AFAIK, the backups are not
complete OpenPGP messages but just the relevant parts of an OpenPGP
secret key message. I actually can't think of the answer to your
question. I'd know how to use packet surgery to reconstruct a normal
on-disk secret key from that partial message, and subsequently change
the passphrase on that key. I could also subsequently extract the
fragment again. But this is all not normal use of GnuPG, it's "Look, I
can make it do this as well!". Hopefully somebody else can answer if it
is possible, and how.



I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <>

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20170611/e9b988ff/attachment-0001.sig>

More information about the Gnupg-users mailing list