How to correctly change the passphrase of GPG's secret key?

For GPG 2.1 and later, the private keys are stored in ~/.gnupg/private-keys-v1.d. Each key, including each subkey, is stored as a separate file, using the keygrip of the key as the filename:

<keygrip>.key

When using gpg --edit-key to change the passphrase, all subkeys are modified in the private key directory.

However, it seems that seahorse is only modifying the main key's private key file.

So, it looks like this is a bug in seahorse. It may be a regression from earlier gpg versions which stored the private keys in a keyring structure just like the public keys. This behavior was changed in versions 2.1 and later.

Simple test results with a test key, showing that seahorse only modifies the main key's private key file.

Test Key with three subkeys

pub   ed25519 2018-12-24 [SC]
      988D29CB7CA9D62252B22DEFB42E56952F9FB61C
      Keygrip = 8226D19110BAC4FB4D60BC25869E5F23C1BB667F
uid           [ultimate] delete me (Delete Me) <[email protected]>
sub   cv25519 2018-12-24 [E]
      Keygrip = 04B4D2C5CC29926F48DA2C4FD24F03B9595AE51C
sub   ed25519 2019-03-25 [SA]
      Keygrip = 269995721854253C5F8B48CB40DD24948D580F8C
sub   ed25519 2019-03-25 [SA]
      Keygrip = 604E0E8F9D9C2B19A823E22A90F08EC2DDCA80BB

Passphrase changed with seahorse

-rw------- 1 user user  333 Mar 25 09:27 8226D19110BAC4FB4D60BC25869E5F23C1BB667F.key
-rw------- 1 user user  333 Mar 25 09:08 604E0E8F9D9C2B19A823E22A90F08EC2DDCA80BB.key
-rw------- 1 user user  333 Mar 25 09:08 269995721854253C5F8B48CB40DD24948D580F8C.key
-rw------- 1 user user  341 Mar 25 09:08 04B4D2C5CC29926F48DA2C4FD24F03B9595AE51C.key

Passphrase changed with gpg --edit-key

-rw------- 1 user user  333 Mar 25 09:37 604E0E8F9D9C2B19A823E22A90F08EC2DDCA80BB.key
-rw------- 1 user user  333 Mar 25 09:37 269995721854253C5F8B48CB40DD24948D580F8C.key
-rw------- 1 user user  341 Mar 25 09:37 04B4D2C5CC29926F48DA2C4FD24F03B9595AE51C.key
-rw------- 1 user user  333 Mar 25 09:37 8226D19110BAC4FB4D60BC25869E5F23C1BB667F.key

Seahorse source code check

After reviewing some of the seahorse source code, it seems likely that the behavior lines up with the older secret keyring gpg methods.

According to the gpgme documentation, the passphrase should be changed using the gpgme_op_passwd function call. However, this function call does not appear in the seahorse source code.
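
The test above compares mtimes by eye. As an added example (not part of RubberStamp's answer, and not code from GnuPG or Seahorse), the POSIX shell helper below automates the same check: it snapshots a SHA-256 of every file in private-keys-v1.d, runs gpg --passwd (the documented 2.1+ shortcut for the passwd sub-command of --edit-key), snapshots again, and reports any keygrip whose file was not rewritten. Hashing the files rather than reading mtimes also catches a rewrite that lands inside the same second. The function names, the KEYDIR variable and the "UNCHANGED"/"MISSING" output format are this example's own; it assumes gpg 2.1+ and sha256sum (or shasum) are on PATH.

```shell
# Added example: check that a passphrase change rewrote the primary key AND every
# subkey file under private-keys-v1.d. Helper names and output format are
# assumptions of this example, not GnuPG's own interface.
GNUPGHOME="${GNUPGHOME:-$HOME/.gnupg}"
KEYDIR="$GNUPGHOME/private-keys-v1.d"

# SHA-256 of one file; falls back to shasum where coreutils is absent.
hash_file() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | cut -d' ' -f1
    else
        shasum -a 256 "$1" | cut -d' ' -f1
    fi
}

# Keygrips of the primary key and all subkeys of the given key ID / fingerprint.
# With --with-colons, keygrips are field 10 of the "grp" records.
keygrips_of() {
    gpg --batch --with-colons --with-keygrip --list-secret-keys "$1" \
        | awk -F: '$1 == "grp" { print $10 }'
}

# Snapshot a key directory: one "<sha256> <keygrip>" line per *.key file.
snapshot_keyfiles() {
    dir="$1"
    for f in "$dir"/*.key; do
        [ -e "$f" ] || continue
        printf '%s %s\n' "$(hash_file "$f")" "$(basename "$f" .key)"
    done | sort -k2
}

# Compare two snapshots for the given keygrips. Prints "UNCHANGED <grip>" for a
# file whose hash did not change and "MISSING <grip>" for a file absent from the
# after-snapshot; returns 1 if either occurred, 0 if every key file was rewritten.
unchanged_keygrips() {
    before="$1"; after="$2"; shift 2
    rc=0
    for grip in "$@"; do
        b=$(awk -v g="$grip" '$2 == g { print $1 }' "$before")
        a=$(awk -v g="$grip" '$2 == g { print $1 }' "$after")
        if [ -z "$a" ]; then
            echo "MISSING $grip"; rc=1
        elif [ "$a" = "$b" ]; then
            echo "UNCHANGED $grip"; rc=1
        fi
    done
    return $rc
}

# End-to-end: snapshot, change the passphrase interactively (pinentry asks for
# the old and the new one), snapshot again, and report what was not rewritten.
# Usage after sourcing this file:  verify_passphrase_change <keyid-or-fingerprint>
verify_passphrase_change() {
    keyid="$1"
    before=$(mktemp); after=$(mktemp)
    snapshot_keyfiles "$KEYDIR" > "$before"
    gpg --passwd "$keyid"
    snapshot_keyfiles "$KEYDIR" > "$after"
    grips=$(keygrips_of "$keyid")
    # shellcheck disable=SC2086  # word-splitting $grips into arguments is intended
    if stale=$(unchanged_keygrips "$before" "$after" $grips); then
        echo "OK: all $(printf '%s\n' "$grips" | wc -l | tr -d ' ') key files were rewritten"
        rm -f "$before" "$after"
        return 0
    fi
    echo "PROBLEM: some key files still carry the old passphrase:"
    echo "$stale"
    rm -f "$before" "$after"
    return 1
}
```

Run it against a throwaway key in a scratch GNUPGHOME first, as RubberStamp did: a "UNCHANGED" line for a subkey after a Seahorse-driven change reproduces the bug, while the gpg --passwd path should report OK for all four keygrips of a key like the test key above.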


Seahorse (aka GNOME Passwords and Keys) maintainer here.

I can't comment on RubberStamp's answer here due to not having enough reputation, but Seahorse started using gpgme_op_passwd (or rather its async variant gpgme_op_passwd_start) in Seahorse 3.32.

The code was already in master earlier than that (about a month before the verified answer), but the release was from the 12th of March. Depending on which version your distribution contains, this should already be fixed. If not, feel free to file an issue :-).