Problem with passphrase

Printable View

10-03-2007, 02:06 AM
unix

Problem with passphrase

Hi all. Maybe it's a silly question? While testing pgp some time ago I set
a passphrase. Now, I need to use it with the email I attach to that key,
but I've forgotten the passphrase.
Is there anyway of using the same e-mail address?Is it possible to revoke
the key?
I need help. And the solution is not using another email ;)))

TA.
10-03-2007, 02:06 AM
unix

Re: Problem with passphrase

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

George <my_news_email@NOSPANgmx.net> wrote in
news:Xns93C26E45D5858newsgmxnet@130.206.5.54:
[color=blue]
> Hi all. Maybe it's a silly question? While testing pgp some time ago I
> set a passphrase. Now, I need to use it with the email I attach to
> that key, but I've forgotten the passphrase.
> Is there anyway of using the same e-mail address?Is it possible to
> revoke the key?
> I need help. And the solution is not using another email ;)))[/color]

Without the passphrase, you cannot use the private key, so you cannot
revoke the key, decrypt anything encrypted to that key, etc.

You can generate a new key that has the same user ID (name and address),
but that won't help with anything encrypted to the prior key.

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0.2
Comment: My PGP Page & FAQ: [url]http://www.McCune.cc/PGP.htm[/url]

iQEVAwUBPx+5Y2DeI9apM77TAQJmAwf+JJiGGsS44kcEY0chQXJF6yEmC5+JRali
Zt8ejrKuA/vlbXJl95HrfNHMTceaXYFfWEtEQ4F+G5BOQp009m/shcD6XTFGK3R6
zdpKzXi5GvxH4E159hIUuhHhf3qKsf7k2u68/4rq6fjJdDsHCDYXMlFimz2+gvKW
z+ZZvBmWDgV79+xSJm1Q46smNmguFivBXeQ7CJsRsBTQ5ntN0fnXKP9HX142S0nA
HXqkN6w3fgXp7jYBrFEt+aXn6EHJLQxpDh9/QxfAAwRDpzPIzO6ZCxi9CTVT7bnv
LLkS+YAzAUaCOO58hKB3Apn5L39J0R+PL/Cx+Cegp+2dAyC2QcICJg==
=zoe1
-----END PGP SIGNATURE-----
10-03-2007, 02:06 AM
unix

Re: Problem with passphrase

"Peter" <nospam@dontreply.com> wrote in message
news:wJOdnYCmTuM0TIKiXTWJiw@comcast.com...[color=blue]
> Tom McCune wrote:
>[color=green]
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> > George <my_news_email@NOSPANgmx.net> wrote in
> > news:Xns93C26E45D5858newsgmxnet@130.206.5.54:
> >[color=darkred]
> >> Hi all. Maybe it's a silly question? While testing pgp some time ago I
> >> set a passphrase. Now, I need to use it with the email I attach to
> >> that key, but I've forgotten the passphrase.
> >> Is there anyway of using the same e-mail address?Is it possible to
> >> revoke the key?
> >> I need help. And the solution is not using another email ;)))[/color]
> >
> > Without the passphrase, you cannot use the private key, so you cannot
> > revoke the key, decrypt anything encrypted to that key, etc.
> >
> > You can generate a new key that has the same user ID (name and address),
> > but that won't help with anything encrypted to the prior key.
> >
> > -----BEGIN PGP SIGNATURE-----
> > Version: PGP 8.0.2
> > Comment: My PGP Page & FAQ: [url]http://www.McCune.cc/PGP.htm[/url]
> >
> > iQEVAwUBPx+5Y2DeI9apM77TAQJmAwf+JJiGGsS44kcEY0chQXJF6yEmC5+JRali
> > Zt8ejrKuA/vlbXJl95HrfNHMTceaXYFfWEtEQ4F+G5BOQp009m/shcD6XTFGK3R6
> > zdpKzXi5GvxH4E159hIUuhHhf3qKsf7k2u68/4rq6fjJdDsHCDYXMlFimz2+gvKW
> > z+ZZvBmWDgV79+xSJm1Q46smNmguFivBXeQ7CJsRsBTQ5ntN0fnXKP9HX142S0nA
> > HXqkN6w3fgXp7jYBrFEt+aXn6EHJLQxpDh9/QxfAAwRDpzPIzO6ZCxi9CTVT7bnv
> > LLkS+YAzAUaCOO58hKB3Apn5L39J0R+PL/Cx+Cegp+2dAyC2QcICJg==
> > =zoe1
> > -----END PGP SIGNATURE-----[/color]
>
> Just to add one thing. If you generated a recocation certificate when you
> created the key (whose passphrase you lost) you can upload that. If you
> did NOT upload the key to servers, there really is no problem then.[/color]
SImply[color=blue]
> create the new key and off you go.[/color]

.... or if you set someone else as a revoker to your key...
--
-----BEGIN GEEK CODE BLOCK-----
Version 3.12
GU d-(--) s+:- a--- C++(++++) !U W++(+++) N+(++) o K? w+(--) ?O
M>++ V? PS+ PE-@ Y+(++) PGP++ t+(*) 5 X R(+) tv(-) b+(+++)
DI++++ D G e(*) h!>--- r++ z+>+++
------END GEEK CODE BLOCK------
10-03-2007, 02:06 AM
unix

Re: Problem with passphrase

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

"Gamma3000" <d2pk455b02@sneakemail.com> wrote in
news:3f1fff4b@shknews01:
[color=blue][color=green]
>> Just to add one thing. If you generated a recocation certificate
>> when you created the key (whose passphrase you lost) you can upload
>> that. If you did NOT upload the key to servers, there really is no
>> problem then.[/color]
> SImply[color=green]
>> create the new key and off you go.[/color]
>
> ... or if you set someone else as a revoker to your key...[/color]

For non-corporate users, the designated revoker seems to have little
value - a key revoked by a designated revoker will not show as revoked
unless the designated revoker's key is in your keyring.

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0.2
Comment: My PGP Page & FAQ: [url]http://www.McCune.cc/PGP.htm[/url]

iQEVAwUBPyBBzWDeI9apM77TAQIqAgf+JQm3KCf+aAc7mFMLyfpoBxRd3KrRyj/v
ZDIkiOTSgFsdX8O4AOJP8lFF7VeV+4l9CYbF3+Ch4OAQ41VPec5ubvM6/TvCW/yC
UDjkSTkdteOBM8Q08xITip9wYR9oq55rLd7pQ0l/7nLyUZOsnut8jquYuI7cA+wp
V6Q3MTCrVxurHSxF/JLRKNiDXY8AcbKD9T3yxwTjmsRVhbS0A2NXL1aY2l2JNPNQ
X0X1P8ccSbvhlu/p/5zdFBEAv9bViMhjCJI/CGznqgSw8jck/8KNV7lgkg2FdsDh
nBhoGjut3u8P2GXOEgjqy/6/XtavhJ4WQZXoJR7Fjmm/4P1/pcIujQ==
=lfZQ
-----END PGP SIGNATURE-----
10-03-2007, 02:06 AM
unix

Re: Problem with passphrase

-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

"Tom McCune" <tom@DELETE_THISmccune.cc> wrote in message
news:hlXTa.112907$EQ5.15674@twister.nyroc.rr.com...

[...]
[color=blue][color=green][color=darkred]
> >> Just to add one thing. If you generated a recocation certificate
> >> when you created the key (whose passphrase you lost) you can upload
> >> that. If you did NOT upload the key to servers, there really is no
> >> problem then.[/color]
> > SImply[color=darkred]
> >> create the new key and off you go.[/color]
> >
> > ... or if you set someone else as a revoker to your key...[/color]
>
> For non-corporate users, the designated revoker seems to have little
> value - a key revoked by a designated revoker will not show as revoked
> unless the designated revoker's key is in your keyring.[/color]

[...]

have not really tried this, as am reluctant to clutter keyservers with test
keys, to see what does and does not revoke them

can anyone has has actually done so, comment on the following:

[1] key revoked by uploading a gnupg revocation certificate
[2] key revoked by gnupg designated revoker, and then uploaded by the
revoker
[3] key revoked by gnupg revocation certificate designed for use in pgp,
then revoked in pgp and uploaded to server from pgp
[4] key revoked by pgp designated revoker and uploaded to server

which of the above do or do not work, and what are the 'real world'
caveats?

{ along these lines, maybe it would be possible to have a 'test'
keyserver, [something like the 'test' newsgroups],
where people can try out and test their key revocations, signature changes,
photo id's, new subkey flavors, etc. }

tia,

vedaal

-----BEGIN PGP SIGNATURE-----
Version: 6.5.8ckt [url]http://www.ipgpp.com/[/url]
Comment: { Acts of Kindness better the World, and protect the Soul }
Comment: KeyID: 0x6A05A0B785306D25
Comment: Fingerprint: 96A6 5F71 1C43 8423 D9AE 02FD A711 97BA

iQEVAwUBPyExXWoFoLeFMG0lAQOjwwf+IIY0aZ0mZrLdJ5SyHlzlpN9ByEGNi6Xz
rswQ5pjtRaASTfWbNak1nQ+PpoZs6SDc8ObQ87HjRvcXabpXdorjqp8Vx1deO9bW
riaJQryIPpbtjkkDEc6drKANMNPvjkMfGNoZpPfLRB3nnJubUV/3GL8gN7JVj8PW
q7eEW8NlNU2EcsyCaWkeHSUmI9+a7Uf3AHvWEO06eP9YNkajHrJR7OWuQWAkH/4r
B8WED5AmsinDP6f3gwuZGXM/lKW1f54YVjw1ZYrymAPl/wj+mYwPLxSDSOC2qCgY
Z18V5KlEFKIXBeNxTxPRloveItoWV/1gF8LH4uEWz37YD+lJ5XzkXw==
=rmJU
-----END PGP SIGNATURE-----
10-03-2007, 02:06 AM
unix

Re: Problem with passphrase

"Tom McCune" <tom@DELETE_THISmccune.cc> wrote in message
news:hlXTa.112907$EQ5.15674@twister.nyroc.rr.com...
"Gamma3000" <d2pk455b02@sneakemail.com> wrote in[color=blue]
> news:3f1fff4b@shknews01:
>[color=green][color=darkred]
> >> Just to add one thing. If you generated a recocation certificate
> >> when you created the key (whose passphrase you lost) you can upload
> >> that. If you did NOT upload the key to servers, there really is no
> >> problem then.[/color]
> > SImply[color=darkred]
> >> create the new key and off you go.[/color]
> >
> > ... or if you set someone else as a revoker to your key...[/color]
>
> For non-corporate users, the designated revoker seems to have little
> value - a key revoked by a designated revoker will not show as revoked
> unless the designated revoker's key is in your keyring.[/color]

I thought the idea of a designated revoker was that they could revoke the
ket, and it would be *exactly* like you had revoked the key yourself...?
Does that mean that if the key is sent to a keyserver, it still apears as
valid?
10-03-2007, 02:06 AM
unix

Re: Problem with passphrase

"Gamma3000" <d2pk455b02@sneakemail.com> wrote in news:3f2156db@shknews01:
[color=blue][color=green]
>> For non-corporate users, the designated revoker seems to have little
>> value - a key revoked by a designated revoker will not show as revoked
>> unless the designated revoker's key is in your keyring.[/color]
>
> I thought the idea of a designated revoker was that they could revoke the
> ket, and it would be *exactly* like you had revoked the key yourself...?
> Does that mean that if the key is sent to a keyserver, it still apears as
> valid?[/color]

I can't add much more. This is stated on page 130 of the current manual.

--
Tom McCune
My PGP Page & FAQ: [url]http://www.McCune.cc/PGP.htm[/url]