Does GPG Ever Store RSA Secret Keys On The Disk In Plain?
Novak Boškov
boskov at bu.edu
Mon Dec 21 23:02:48 CET 2020
Hi Annie,
I am not sure that I follow.
First, it looks like multiple exports _do_ result in the exactly same
export data:
> FIRST=$(gpg --export-secret-keys --armor <my_key_id>)
> SECOND=$(gpg --export-secret-keys --armor <my_key_id>)
> if [ "$FIRST" == "$SECOND" ]; then echo "Outputs are equal"; fi
> Outputs are equal
Which makes perfect sense to me. I would indeed expect my secret key
encrypted with my passphrase to be the same across multiple invocations
of the export command.
If a salt is used, how come that I can take my key that I've gotten
through a `gpg --export-secret-keys --armor ...` call and import it on a
different machine using only my passphrase?
Could you please elaborate a bit more on this or/and provide some useful
resources?
Best regards,
Novak
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0xB8D4C9837C741FBD.asc
Type: application/pgp-keys
Size: 2448 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20201221/47542709/attachment.key>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 659 bytes
Desc: OpenPGP digital signature
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20201221/47542709/attachment.sig>
More information about the Gnupg-users
mailing list