LinuxQuestions.org
Latest LQ Deal: Latest LQ Deals
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 10-14-2009, 10:59 PM   #1
abefroman
Senior Member
 
Registered: Feb 2004
Location: lost+found
Distribution: CentOS
Posts: 1,430

Rep: Reputation: 55
How is the passphrase exactly used when dealing with GPG keys?


How is the passphrase exactly used when dealing with GPG keys?

And why is it so important to keep the passphrase secret?

TIA
 
Old 10-14-2009, 11:11 PM   #2
smeezekitty
Senior Member
 
Registered: Sep 2009
Location: Washington U.S.
Distribution: M$ Windows / Debian / Ubuntu / DSL / many others
Posts: 2,339

Rep: Reputation: 231Reputation: 231Reputation: 231
the passphrase is used to offset the values
to encrypt it
and with the passphrase you can decrypt it
may i ask why you have so many questions about encryption?
 
Old 10-14-2009, 11:16 PM   #3
abefroman
Senior Member
 
Registered: Feb 2004
Location: lost+found
Distribution: CentOS
Posts: 1,430

Original Poster
Rep: Reputation: 55
Quote:
Originally Posted by smeezekitty View Post
the passphrase is used to offset the values
to encrypt it
and with the passphrase you can decrypt it
may i ask why you have so many questions about encryption?
I am currently studying encryption, partially for the Security+ test, and then I want to take the CISSP.

How is the passphrase different than the private key then?

If you have a message which was encrypted with the public key, you can decrypt it with either the pass phrase OR the private key?
 
Old 10-15-2009, 01:30 AM   #4
chrism01
LQ Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Centos 6.10, Centos 7.5
Posts: 17,680

Rep: Reputation: 2490Reputation: 2490Reputation: 2490Reputation: 2490Reputation: 2490Reputation: 2490Reputation: 2490Reputation: 2490Reputation: 2490Reputation: 2490Reputation: 2490
No; think of the passphrase as an extended passwd that 'locks' the private key. If you specify one, then you can't use the key without knowing the passphrase.
When using Apache, if you have SSL setup, the default is to lock the key (.pem) file with a passwd/phrase, so it won't start up without it, in case someone steals your system for example.


Have a read of http://www.gnupg.org/gph/en/manual.html
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
GPG: Bad session key gpg between gpg on linux and gpg gui on windows XP konqi Linux - Software 1 07-21-2009 10:37 AM
GPG with out passphrase option for decryption vjayraghavan Linux - Newbie 1 07-01-2009 10:12 AM
Cracking a gpg pgp key (passphrase) DaRkBoDoM Linux - Security 1 11-20-2007 04:32 AM
Revoking GPG key with only passphrase and public key djib Linux - Security 2 03-13-2007 04:20 AM
KMail and PGP/GPG not working - doesn't ask for passphrase steve1401 Linux - General 2 02-08-2005 07:42 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 09:08 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration