The private keys are encrypted even in exported form. Anyone who can grab your private key will need your passphrase to decrypt it. By default, GnuPG uses the cipher CAST5 to encrypt private keys. You can change that with the --s2k-* options. However, for a hacker, having something to decrypt or maybe brute force it is much better than having nothing at all. Keeping this in mind, try to keep your private keys private. Like keep them in a portable USB key or something similar.
_______________________________________________ Gnupg-users mailing list [EMAIL PROTECTED] http://lists.gnupg.org/mailman/listinfo/gnupg-users
