-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Afzal, Naeem M escribió: > Hi, > > In order to understand GnuPG, I tried to create private keys on two ubuntu > systems. Here are my steps and I would ask my question at the end as I need > to show what I did. > > 1. System A: Created private and public key by using 'gpg --gen-key' and then > 'gpg --export --armor -out userA.asc -r 'USER A' > > 2. System B: Created private and public key by using 'gpg --gen-key' and then > imported public key of userA > 'gpg --import userA.asc' > > 3. System B: encrypted a file for userA using userA's public key ' > gpg -o file_from_userB -r userA --encrypt file_to_encrypt > > 4. System A: Tried to decrypt file_from_userB > gpg -o decrypted_file --decrypt file_from_userB > at this point, it asks to provide passphrase of userA. Is it possible to > avoid where I need to provide passphrase at all? My understanding was that > the file was encrypted with userA's credential to begin with, and userA > should be decrtypt it without providing any passphrase? How can do this > procedure where I don't have to provide passphrase in decryption?
Because the key itself is protected by a passphrase. You CAN remove that protection, and you can even generate keys without passphrase.. but the idea is, if you have to go to the bathroom, and someone else tries to read your messages, or steal your key... the thief won't have much luck, since if the passphrase is strong, he wont be able to activate the key... unless the thief is lucky enough to "guess" the passphrase hitting the keyboard randomly... A good passphrase would make bruteforce attack infeasible, it won't be in any dictionary (so dictionary attacks won't work)... so, if you remove the passphrase, you'll want to take extra measures to avoid problems... but maybe you know nobody is going to touch your computer... Regards -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iQEcBAEBCAAGBQJIZn4MAAoJEMV4f6PvczxAw1cIAKoX1tnr4I2iNvu5W13wZ+k5 Q4mGqeGxat9x9r7XVpHm9pisspMr4atSfipA51KIhmSA7DMlPVEr4czU+4QG5kex nGipcBf5kqtLO7VBXO3LJuEjWa0YBOZktQRkJJga85XI+W43dGSJUsDCz4Qwkaqj 0g7ZKv+BZoVmxZ73Lh9sS5qIPbDnl6TERrKBXYGfdeqIOZodKyZsNsGnojp1OXqM 1KnKYCtGmwuj8HNsrMRVWQ3rJmcrrqBbFUOGKQAqlNHbc3FksSsT1HKsy7kK/LJC VKS9u1ksf+r7IgCq2+d7WkwoqEppJQV+aR2i6m/YdUTNJ1qEYIIFcU7xa2L4vSM= =dxuD -----END PGP SIGNATURE----- _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
