changing the passphrase of the secret key stored in the GnuPG card

Matthias Apitz guru at unixarea.de
Mon Jun 12 07:31:58 CEST 2017


El día domingo, junio 11, 2017 a las 10:00:00p. m. +0200, Peter Lebbing escribió:

> On 11/06/17 21:48, Matthias Apitz wrote:
> > My question remains: How can I change (or verify) the above Passphrase I
> > have used?
> 
> Ah! That's the encryption of the backup key, not of the secret key
> stored in the smart card. Well, it's ultimately the same key, but it's
> not the copy of it stored in the smart card but rather the copy stored
> in the backup file.
> 
> That's actually a difficult question, since AFAIK, the backups are not
> complete OpenPGP messages but just the relevant parts of an OpenPGP
> secret key message. I actually can't think of the answer to your
> question. I'd know how to use packet surgery to reconstruct a normal
> on-disk secret key from that partial message, and subsequently change
> the passphrase on that key. I could also subsequently extract the
> fragment again. But this is all not normal use of GnuPG, it's "Look, I
> can make it do this as well!". Hopefully somebody else can answer if it
> is possible, and how.

Now we are on track with my question. The background is/was: what
exactly I have todo with this backup key, for example in case the GnuPG
card gets lost or stolen? How can I simulate this and check if the
passphrase works correctly.

Thx

	matthias

-- 
Matthias Apitz, ✉ guru at unixarea.de, ⌂ http://www.unixarea.de/  ☎ +49-176-38902045
Public GnuPG key: http://www.unixarea.de/key.pub
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: </pipermail/attachments/20170612/19dc8ae3/attachment.sig>


More information about the Gnupg-users mailing list