Nicolas George wrote: > Is there somewhere in Debian a KISS version of GnuPG or something > compatible? > > The current default version of GnuPG, since 2015, necessarily uses a > client-server agent to access the private keys. While it is convenient > and secure for everyday use, but for some tasks, the efforts it makes to > protect my files from myself prevent me from doing the tasks I want. >
the agent was always there - better do a proper setup and btw. what does it have to do with your files > As a short-term solution, does anyone know how to add a pass phrase to a > private key while exporting it, without changing it on the storage? ??? https://www.dewinter.com/gnupg_howto/english/GPGMiniHowto-3.html#ss3.5 Finally you have to enter a password (actually passphrase would be more appropriate, since blanks are allowed). This password is used to be able to use the functionality which belongs to your secret key. and https://gnupg.org/gph/en/manual.html#AEN513 Protecting your private key To help safeguard your key, GnuPG does not store your raw private key on disk. Instead it encrypts it using a symmetric encryption algorithm. That is why you need a passphrase to access the key. Thus there are two barriers an attacker must cross to access your private key: (1) he must actually acquire the key, and (2) he must get past the encryption.