LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (https://www.linuxquestions.org/questions/linux-security-4/)
-   -   How is the passphrase exactly used when dealing with GPG keys? (https://www.linuxquestions.org/questions/linux-security-4/how-is-the-passphrase-exactly-used-when-dealing-with-gpg-keys-761976/)

abefroman 10-14-2009 10:59 PM

How is the passphrase exactly used when dealing with GPG keys?
 
How is the passphrase exactly used when dealing with GPG keys?

And why is it so important to keep the passphrase secret?

TIA

smeezekitty 10-14-2009 11:11 PM

the passphrase is used to offset the values
to encrypt it
and with the passphrase you can decrypt it
may i ask why you have so many questions about encryption?

abefroman 10-14-2009 11:16 PM

Quote:

Originally Posted by smeezekitty (Post 3719710)
the passphrase is used to offset the values
to encrypt it
and with the passphrase you can decrypt it
may i ask why you have so many questions about encryption?

I am currently studying encryption, partially for the Security+ test, and then I want to take the CISSP.

How is the passphrase different than the private key then?

If you have a message which was encrypted with the public key, you can decrypt it with either the pass phrase OR the private key?

chrism01 10-15-2009 01:30 AM

No; think of the passphrase as an extended passwd that 'locks' the private key. If you specify one, then you can't use the key without knowing the passphrase.
When using Apache, if you have SSL setup, the default is to lock the key (.pem) file with a passwd/phrase, so it won't start up without it, in case someone steals your system for example.


Have a read of http://www.gnupg.org/gph/en/manual.html


All times are GMT -5. The time now is 07:24 PM.