Re: KISS gpg

To: debian-user@lists.debian.org
Subject: Re: KISS gpg
From: deloptes <deloptes@gmail.com>
Date: Wed, 30 Oct 2019 20:56:11 +0100
Message-id: <[🔎] qpcpsp$585s$1@blaine.gmane.org>
Reply-to: deloptes@gmail.com
References: <[🔎] 20191030185834.ybgdonvm4jpwfw2m@phare.normalesup.org>

Nicolas George wrote:

> Is there somewhere in Debian a KISS version of GnuPG or something
> compatible?
> 
> The current default version of GnuPG, since 2015, necessarily uses a
> client-server agent to access the private keys. While it is convenient
> and secure for everyday use, but for some tasks, the efforts it makes to
> protect my files from myself prevent me from doing the tasks I want.
> 

the agent was always there - better do a proper setup and btw. what does it
have to do with your files

> As a short-term solution, does anyone know how to add a pass phrase to a
> private key while exporting it, without changing it on the storage?

???
https://www.dewinter.com/gnupg_howto/english/GPGMiniHowto-3.html#ss3.5

Finally you have to enter a password (actually passphrase would be more
appropriate, since blanks are allowed). This password is used to be able to
use the functionality which belongs to your secret key.

and
https://gnupg.org/gph/en/manual.html#AEN513

Protecting your private key

To help safeguard your key, GnuPG does not store your raw private key on
disk. Instead it encrypts it using a symmetric encryption algorithm. That
is why you need a passphrase to access the key. Thus there are two barriers
an attacker must cross to access your private key: (1) he must actually
acquire the key, and (2) he must get past the encryption.

Reply to:

Follow-Ups:
- Re: KISS gpg
  - From: Nicolas George <george@nsup.org>

References:
- KISS gpg
  - From: Nicolas George <george@nsup.org>

Prev by Date: Re: Raspberry Pi with Debian and LUKS
Next by Date: Re: KISS gpg
Previous by thread: KISS gpg
Next by thread: Re: KISS gpg
Index(es):
- Date
- Thread