Re: gnupg private-keys encryption
> Change the passphrase. Tried this now. No change in the encryption scheme in 2.2.17. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: gnupg private-keys encryption
> How can I control the encryption on the private-key? Change the passphrase. Just changing configuration file preferences doesn't change the way the key is stored on disk. It only says "the next time you have to alter the way the key is stored on disk, use these new parameters". Changing the passphrase on the key will force GnuPG to write it out to disk again, at which point your new preferences will take effect. Warning: this information was correct for GnuPG 1.4 and 2.0. I'm not sure about 2.2, as I've never needed to do it on 2.2. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
gnupg private-keys encryption
Hi, Gnupg (installed from debian repositories) seems to ignore cipher/digest preferences while encrypting the key. Below are the options I've in my gpg.conf. personal-digest-preferences SHA512 personal-cipher-preferences AES256 personal-compress-preferences Uncompressed digest-algo SHA512 cipher-algo AES256 s2k-mode 3 s2k-count 65011712 s2k-digest-algo SHA512 s2k-cipher-algo AES256 However, --export-secret-keys followed by --list-packets shows, "iter+salt S2K, algo: 7, SHA1 protection, hash: 2, salt: ", and in the binary *.key file from the private-keys dir, ".. protected25:openpgp-s2k3-sha1-aes-cbc .." leads me to believe that the key is encrypted with SHA1/AES. How can I control the encryption on the private-key? Thanks ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users