Problem with passphrase

Problem with passphrase

Post by Georg » Fri, 25 Jul 2003 17:19:30



Hi all. Maybe it's a silly question? While testing pgp some time ago I set
a passphrase. Now, I need to use it with the email I attach to that key,
but I've forgotten the passphrase.
Is there anyway of using the same e-mail address?Is it possible to revoke
the key?
I need help. And the solution is not using another email ;)))

TA.

 
 
 

Problem with passphrase

Post by Pete » Fri, 25 Jul 2003 21:31:36



> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1



>> Hi all. Maybe it's a silly question? While testing pgp some time ago I
>> set a passphrase. Now, I need to use it with the email I attach to
>> that key, but I've forgotten the passphrase.
>> Is there anyway of using the same e-mail address?Is it possible to
>> revoke the key?
>> I need help. And the solution is not using another email ;)))

> Without the passphrase, you cannot use the private key, so you cannot
> revoke the key, decrypt anything encrypted to that key, etc.

> You can generate a new key that has the same user ID (name and address),
> but that won't help with anything encrypted to the prior key.

> -----BEGIN PGP SIGNATURE-----
> Version: PGP 8.0.2
> Comment: My PGP Page & FAQ: http://www.McCune.cc/PGP.htm

> iQEVAwUBPx+5Y2DeI9apM77TAQJmAwf+JJiGGsS44kcEY0chQXJF6yEmC5+JRali
> Zt8ejrKuA/vlbXJl95HrfNHMTceaXYFfWEtEQ4F+G5BOQp009m/shcD6XTFGK3R6
> zdpKzXi5GvxH4E159hIUuhHhf3qKsf7k2u68/4rq6fjJdDsHCDYXMlFimz2+gvKW
> z+ZZvBmWDgV79+xSJm1Q46smNmguFivBXeQ7CJsRsBTQ5ntN0fnXKP9HX142S0nA
> HXqkN6w3fgXp7jYBrFEt+aXn6EHJLQxpDh9/QxfAAwRDpzPIzO6ZCxi9CTVT7bnv
> LLkS+YAzAUaCOO58hKB3Apn5L39J0R+PL/Cx+Cegp+2dAyC2QcICJg==
> =zoe1
> -----END PGP SIGNATURE-----

Just to add one thing.  If you generated a recocation certificate when you
created the key (whose passphrase you lost) you can upload that.  If you
did NOT upload the key to servers, there really is no problem then.  SImply
create the new key and off you go.

 
 
 

Problem with passphrase

Post by Gamma300 » Sat, 26 Jul 2003 00:49:03




> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1



> >> Hi all. Maybe it's a silly question? While testing pgp some time ago I
> >> set a passphrase. Now, I need to use it with the email I attach to
> >> that key, but I've forgotten the passphrase.
> >> Is there anyway of using the same e-mail address?Is it possible to
> >> revoke the key?
> >> I need help. And the solution is not using another email ;)))

> > Without the passphrase, you cannot use the private key, so you cannot
> > revoke the key, decrypt anything encrypted to that key, etc.

> > You can generate a new key that has the same user ID (name and address),
> > but that won't help with anything encrypted to the prior key.

> > -----BEGIN PGP SIGNATURE-----
> > Version: PGP 8.0.2
> > Comment: My PGP Page & FAQ: http://www.McCune.cc/PGP.htm

> > iQEVAwUBPx+5Y2DeI9apM77TAQJmAwf+JJiGGsS44kcEY0chQXJF6yEmC5+JRali
> > Zt8ejrKuA/vlbXJl95HrfNHMTceaXYFfWEtEQ4F+G5BOQp009m/shcD6XTFGK3R6
> > zdpKzXi5GvxH4E159hIUuhHhf3qKsf7k2u68/4rq6fjJdDsHCDYXMlFimz2+gvKW
> > z+ZZvBmWDgV79+xSJm1Q46smNmguFivBXeQ7CJsRsBTQ5ntN0fnXKP9HX142S0nA
> > HXqkN6w3fgXp7jYBrFEt+aXn6EHJLQxpDh9/QxfAAwRDpzPIzO6ZCxi9CTVT7bnv
> > LLkS+YAzAUaCOO58hKB3Apn5L39J0R+PL/Cx+Cegp+2dAyC2QcICJg==
> > =zoe1
> > -----END PGP SIGNATURE-----

> Just to add one thing.  If you generated a recocation certificate when you
> created the key (whose passphrase you lost) you can upload that.  If you
> did NOT upload the key to servers, there really is no problem then.
SImply
> create the new key and off you go.

... or if you set someone else as a revoker to your key...
--
-----BEGIN GEEK CODE BLOCK-----
Version 3.12
GU d-(--) s+:- a--- C++(++++) !U W++(+++) N+(++) o K? w+(--) ?O

DI++++ D G e(*) h!>--- r++ z+>+++
------END GEEK CODE BLOCK------
 
 
 

Problem with passphrase

Post by vedaa » Sat, 26 Jul 2003 22:32:24


-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160


[...]

Quote:> >> Just to add one thing.  If you generated a recocation certificate
> >> when you created the key (whose passphrase you lost) you can upload
> >> that.  If you did NOT upload the key to servers, there really is no
> >> problem then.
> > SImply
> >> create the new key and off you go.

> > ... or if you set someone else as a revoker to your key...

> For non-corporate users, the designated revoker seems to have little
> value - a key revoked by a designated revoker will not show as revoked
> unless the designated revoker's key is in your keyring.

[...]

have not really tried this, as am reluctant to clutter keyservers with test
keys, to see what does and does not revoke them

can anyone has has actually done so, comment on the following:

[1] key revoked by uploading a gnupg revocation certificate
[2] key revoked by gnupg designated revoker, and then uploaded by the
revoker
[3] key revoked by gnupg revocation certificate designed for use in pgp,
then revoked in pgp and uploaded to server from pgp
[4] key revoked by pgp designated revoker and uploaded to server

which of the above do or do not work, and what are the 'real world'
caveats?

{  along these lines, maybe it would be possible to have a 'test'
keyserver, [something like the 'test' newsgroups],
where people can try out and test their key revocations, signature changes,
photo id's, new subkey flavors, etc. }

tia,

vedaal

-----BEGIN PGP SIGNATURE-----
Version: 6.5.8ckt http://www.ipgpp.com/
Comment: { Acts of Kindness better the World, and protect the Soul }
Comment: KeyID: 0x6A05A0B785306D25
Comment: Fingerprint: 96A6 5F71 1C43 8423  D9AE 02FD A711 97BA

iQEVAwUBPyExXWoFoLeFMG0lAQOjwwf+IIY0aZ0mZrLdJ5SyHlzlpN9ByEGNi6Xz
rswQ5pjtRaASTfWbNak1nQ+PpoZs6SDc8ObQ87HjRvcXabpXdorjqp8Vx1deO9bW
riaJQryIPpbtjkkDEc6drKANMNPvjkMfGNoZpPfLRB3nnJubUV/3GL8gN7JVj8PW
q7eEW8NlNU2EcsyCaWkeHSUmI9+a7Uf3AHvWEO06eP9YNkajHrJR7OWuQWAkH/4r
B8WED5AmsinDP6f3gwuZGXM/lKW1f54YVjw1ZYrymAPl/wj+mYwPLxSDSOC2qCgY
Z18V5KlEFKIXBeNxTxPRloveItoWV/1gF8LH4uEWz37YD+lJ5XzkXw==
=rmJU
-----END PGP SIGNATURE-----

 
 
 

Problem with passphrase

Post by Gamma300 » Sat, 26 Jul 2003 16:04:25





> >> Just to add one thing.  If you generated a recocation certificate
> >> when you created the key (whose passphrase you lost) you can upload
> >> that.  If you did NOT upload the key to servers, there really is no
> >> problem then.
> > SImply
> >> create the new key and off you go.

> > ... or if you set someone else as a revoker to your key...

> For non-corporate users, the designated revoker seems to have little
> value - a key revoked by a designated revoker will not show as revoked
> unless the designated revoker's key is in your keyring.

I thought the idea of a designated revoker was that they could revoke the
ket, and it would be *exactly* like you had revoked the key yourself...?
Does that mean that if the key is sent to a keyserver, it still apears as
valid?
 
 
 

1. Conventional passphrase vs private key passphrase

I'm using PGPfreeware v7.03. What is the difference between the
"conventional  passphrase" and "private key /or key passphrase". I'm
having problems decrypting messages because of the above. Can anyone
help.

2. undoing dual boot

3. PGP passphrase problem NT4.0 w/ outlook 97

4. MicroGNU

5. Strange passphrase problem in 5.5

6. Runnins Acad 12 and 3DS 2 under OS/2!

7. Passphrase problem

8. XShell

9. Configure default passphrase using gnupg on windows

10. passphrase "bits of entropy"

11. shell script to give passphrase to gpg?

12. PGP 8.0 PassPhrase Quality

13. change passphrase, update keyservers?