LINUX.IE, website of the Irish Linux Users' Group
Tux rules!

   
Home
New Users
Articles
Download
Projects
Community
Vendors

  Print Version
Email to...
 
Archives:


planetILUG

Recent News

News Archive


Join the
ILUG
on FaceBook


Join the
ILUG
on LinkedIn


Join the
ILUG SETI
Group



















 
 :: Mailing Lists

[ILUG] resetting GPG passphrase

[ILUG] resetting GPG passphrase

Brian Foster blf at utvinternet.ie
Tue Mar 9 19:19:53 GMT 2010 

  | From: Josh Glover <jmglov at gmail.com>
  | Date: Tue, 9 Mar 2010 15:46:48 +0000
  | 
  | On 8 March 2010 20:57, Brian Foster <blf at utvinternet.ie> wrote:
  | >  I've forgotten the passphrase to a GPG key-pair.
  | >  Is it possible to change the passphrase without
  | >  knowing the [current] (forgotten) passphrase?
  | 
  | Nope. Get l0ftcrack or John the Ripper out. :)

 Ok, it's not a Big Deal.  I just had to re-generate the test cases
 using a new key-pair (whose passphrase is unforgettable), and the
 problem's solved.

  | >  (Can I delete the old key-pair without knowing
  | >  the passphrase?)
  | 
  | You can delete it from your keyring, but you cannot revoke it,
  | unless you thought to generate a revocation certificate and
  | stash it somewhere. :)

 It's been deleted.  Revocation isn't an issue, since the keys have
 not only never left my workstation (excepting backups), they aren't
 protecting anything important.  The worse case is a customer/client
 somehow obtains the private key, cracks the passphrase, and then
 uses the key-pair in their product (built using our product).  That
 would be incredibility daft (and impressive (due to the cracking of
 the passphrase and also the obtaining of the secret key)), as they
 would have to ignore multiple warnings in both the build and doc
 that the test key must be replaced: The public key is basically
 just a place-holder, and we NEVER supply the private key.  (In any
 case, I'm now considering adding a runtime warning as well, just to
 drive the point home.)

 Thanks to everyone for the help and suggestions.

cheers!
	-blf-

-- 
“How many surrealists does it take to    |  Brian Foster
 change a lightbulb?  Three.  One calms  |  somewhere in south of France
 the warthog, and two fill the bathtub   |     Stop E$$o (ExxonMobil)!
 with brightly-coloured machine tools.”  |       http://www.stopesso.com

More information about the ILUG mailing list
Read this without the formatting.
                                                                                                    

  

Hosted by HEAnet


 Maintained by the ILUG website team. The aim of Linux.ie is to support and help commercial and private users of Linux in Ireland. You can display ILUG news in your own webpages, read backend information to find out how. Networking services kindly provided by HEAnet, server kindly donated by Dell. Linux is a trademark of Linus Torvalds, used with permission. No penguins were harmed in the production or maintenance of this highly praised website. Looking for the Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!
RSS Version
Powered by Dell