Revoke a key 0E84608B
I tried to revoke this key since after changing a passphrase on 2012-01-28 and using it with new passphrase immediately after, after a few hours I could not again be successfull (bad passphrase). But revkey also askes for a passphrase. Is there any way to revoke this key? Best regards 0x0E84608B.asc Description: application/pgp-keys ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Revoke a key 0E84608B
I tried to revoke this key since after changing a passphrase on 2012-01-28 and using it with new passphrase imidiately after, after a few hours I could not again be successfull (bad passphrase). But revkey also askes for a passphrase. Is there any way to revoke this key? Best regards 0x0E84608B.asc Description: application/pgp-keys ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Revoke a key 0E84608B
On Tue, 31 Jan 2012 12:16, marko...@eunet.rs said: Is there any way to revoke this key? No. That is way we suggest to create and print out a revocation certificate right after key creation. Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Revoke a key 0E84608B
-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 Hi Marko, how I understood your issue: you have a key, changed it's passphrase and used it successfully after that. Then, after some time, you could no longer use it since GnuPG said you entered a bad passphrase. If that's correct, here are my thoughts: - - There is no known passphrase mingling issue with GnuPG, so a passphrase you once set should still work, but - - It could be that you entered it with a different keyboard/lang/codepage setting. If you have several locales installed (e.g. in Gnome), please figure out which characters could be different. - - Your key worked for some time and then no more after a while. That might be due to gpg-agent that still had your key cached. After cache expiration, it reasked for the passphrase. - - To CREATE a rev cert, you need your secret key and your passphrase. To IMPORT an existing rev cert, you don't need a passphrase. That is why you should create a rev cert directly after generating a key pair. - - If your broken key was uploaded on a keyserver and you cannot revoke, it will stay valid there forever - just add a newer key and live with it. If you successfully imported it, mind to upload the revoked public key. Olav - -- The Enigmail Project - OpenPGP Email Security For Mozilla Applications -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.17 (MingW32) Comment: Dies ist eine elektronische Signatur - http://enigmail.mozdev.org/ iQGcBAEBAwAGBQJPJ/7QAAoJEKGX32tq4e9WuC0L/ifx7TIzHPCucWXjYO9mbYtr TvHcf4b3ec8Eom4zAX0YEeGluj3bCxru84Z3O1ALYpCd1EnKN2w1HwHBGgS+lu6I YzxQwvM/JrhFQ/7rQ5z6wknPay4FtIRQ6hz9JuYhA70LBMN4lxfdRPMJ9LZNX2by OzvMOKyApNw6ZnYgeH6haUPBlZIP2a7N3s4S1mz2mt8N5Mz+D6s5OaZvGW5TVn73 y19mN35wnCEv8QYHySazr+IwWV41dxfYN/p0d//h0VSQdDlAbmL8Rle1O+hLrHEk P4hAGCKrORZRO1PN+gbb0pUy5HbL6wPhaK42HfEjrEyMgAY1dP4weVOqi9m0hIsc vFWY1x0gcZguhmehNdnksM9JciQTUbDlTsN2Bpp80znYhLJ6cZ87ZNVYdgiXe0v+ jDqNYuvNM4AU09TLWM85T7kkE9EQ80rFDyD2auf/uqfrSTE80zpKGZfVEXchlqsd rNgR4QHEKXD4lbWHm7M4JBJbkCdt1td9jzpkeajO7Q== =ChPo -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Revoke a key 0E84608B
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 El 31-01-2012 9:12, Marko Randjelovic escribió: I tried to revoke this key since after changing a passphrase on 2012-01-28 and using it with new passphrase immediately after, after a few hours I could not again be successfull (bad passphrase). Since you know the old and new passphrase, maybe you can bruteforce it, using passphrases as a guide and looking for characters that could have been mistyped. I don't know about tools to do it, but there should be some. But revkey also askes for a passphrase. To generate a revocation certificate you need the private key, so you need the passphrase. If you have an already generated revocation certificate, importing it doesn't require passphrase. Is there any way to revoke this key? No. If you uploaded your key to keyservers, the only thing you can do is to ask people that signed that key to revoke the signatures on it, that way, it would be easier to chose the right key in future (I mean, once you get a new key, and it gets signed, people will find 2 keys, one signed, and new, and another with revoked signatures, and older). Best Regards -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEcBAEBCAAGBQJPKEeqAAoJEMV4f6PvczxAv2EIAI8wTLWn2tv89Nw8T9TozIT0 MvTp++8cmMUbn3HjzG6Q6T8bxWu9lQGy55MeP1Qx2wAw6A5m4PT/0Ys1Qc8Cdnqt ffcia/SroyS/knm/jnzQfht3oNocHU1X/OSYzJqEZ6E1CCTLs4c0TeNlRleF9UCZ V/IVQSZcxd25pl7GRl0tFbSdDihrwG6b6FFgZ6e/Rw02hus+sFUv2jv7ZWn5hdI5 KKJgdCC4KgBbXrSuGV9i7heSAEDvRbL0On0ysqLMRO43DlLet65hsmA09u527RgK fDn9mpCI82jNuD/AmeJcVP1uaI1bgoowUkr8w3RYJ4fvtS6iQjnT5pKjbmO2bKk= =9bNi -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Revoke a key 0E84608B
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 El 31-01-2012 9:12, Marko Randjelovic escribió: I tried to revoke this key since after changing a passphrase on 2012-01-28 and using it with new passphrase immediately after, after a few hours I could not again be successfull (bad passphrase). I searched your key, and it will expire in about one and half year, so, if everything fails, at least it won't haunt you until the end of time. Best Regards, and good luck with the attempt to recover it. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEcBAEBCAAGBQJPKEkCAAoJEMV4f6PvczxA7osH/1oX7AO8v12MfZh1B73LXr9j AicqVp33L632dZYNez/oB0w1htDGPcIH0AqTXai4OdRN9wm3qldgDQycMhDRpLyP BImc6psM0IY8eaOyJ2FpEe0LTCjomlmnYetdt67P1H1s23iAn4jgwJbIYZ7m4v9e KiKmCtme+//tvFehiA7R7L/z69MPglZghoJdqEnoXGQaM1t7zvGQX2NOIVCRzDf8 e+oFrOzYf5sk212+g+ZwMs/N5ncZMUgVVNAy96PqcB2aJV0L+krs2+9Bj4nJ3Ocu /bHSh0BrN47muakvAjOIBLJiKJPFRqintPx6YV/wcJ697jXDxofDIoVa7aElpNs= =p5tD -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Revoke a key 0E84608B
On 01/31/2012 13:08, Marko Randjelovic wrote: On 01/31/2012 01:58 PM, Werner Koch wrote: No. That is way we suggest to create and print out a revocation certificate right after key creation. Thanks all to your suggestions. I just got one idea. I have a backup. Can I unpack my secret ring file backup and use it to generate revocation certificate, since in that file it's still old passphrase that I typed many times? If you have access to a valid copy of your secret key there is no reason to revoke it ... unless of course you have reason to believe that it's been compromised in some way. Doug -- It's always a long day; 86400 doesn't fit into a short. Breadth of IT experience, and depth of knowledge in the DNS. Yours for the right price. :) http://SupersetSolutions.com/ ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users