Aaron Hastings
unread,May 29, 2012, 10:01:41 AM5/29/12Sign in to reply to author
Sign in to forward
You do not have permission to delete messages in this group
Sign in to report message
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to galwa...@googlegroups.com, 091labs-public
Hi all,
Posting once again to both lists as I figure this is of interest to either party. This is another one about encryption.
I'm curious about the relationship between a passphrase and a private key when it comes to GPG/PGP encryption. Does a passphrase affect a private key's eventual value when creating said key, or are the two completely separate? I know that, with GnuPG on Linux, the output asks the user to perform various tasks (disk I/O, mouse movements, etc.) to guarantee ultimate "randomness" during the generation process, but is the chosen passphrase also tied into the generation algorithm?
Further to that, when it comes to selecting a new passphrase down the road - is it better practise to delete the existing key and generate a new one with a different passphrase (after ensuring the existing key is no longer needed, of course), or to just edit the passphrase using: gpg --edit-key?
This whole field is new to me and it's evident that even the slightest slip of the mind or lapse of judgement can compromise your entire efforts.
Aaron