How can I remove the passphrase from a gpg2 private key?











up vote
3
down vote

favorite












Yes, I know it is a step into a lesser secure system, but the current setting makes it reasonable (the key is not important, but the signing has to be automatized).



Google results say this:




  1. List the keys with a gpg --list-keys

  2. Edit the key with a gpg --edit-key C0DEEBED....

  3. A gpg command line console starts, there a passwd command changes the passphrase

  4. Giving the password twice (in my case, simple enter) changes the key.


However, it doesn't work, because gpg2 simply doesn't allow an empty password.



What to do?






gpg







share|improve this question






















  • Is there a reason why using gpg-agent will not work for automating gpg signing tasks?
    – Deathgrip
    Jul 18 '17 at 18:26






  • 2




    @Deathgrip Because the key has also a passphrase. Thus, in the case of signing anything, first this passphrase has to be given. It is an unavoidable human interaction. Thus, it can't be automatized. To automatize the gpg signing, I have to remove the passphrase from the key pair. Gpg can create key pairs without passphrase, and it can also change the passphrase of an existing key pair. The goal is now to remove the existing passphrase from the key pair, making it into a passphrase-less, unprotected one. (Note, file permissions still are still protecting the key pair.)
    – peterh
    Jul 18 '17 at 18:48








  • 1




    Not completely automated, but you can manually start and seed the agent and use it until the machine reboots or your cache's expire. I set max-cache-ttl and default-cache-ttl to 31536000 (365 days). Then "seed" the agent with a command similar to echo | gpg -sa -u <keyid> >/dev/null. A separate script could launch, source the environment file created when starting the agent, then sign a file. In the script, execute gpg with --batch mode and it should return an error if a password is required. Send an alert if that happens. I do a few things like this utilizing ssh and gpg agents.
    – Deathgrip
    Jul 18 '17 at 21:47










  • what's the purpose of a key password then if you can just remove it?
    – AnonymousLurker
    Nov 27 at 0:34










  • @AnonymousLurker In general, it exists in the key as some hash or salt. Thus, you can't so easily remove it, it requires a dictionary attack to do that. In the special case of this question, the password is an obstacle to automatize the key-based encryption.
    – peterh
    Nov 27 at 0:37















up vote
3
down vote

favorite












Yes, I know it is a step into a lesser secure system, but the current setting makes it reasonable (the key is not important, but the signing has to be automatized).



Google results say this:




  1. List the keys with a gpg --list-keys

  2. Edit the key with a gpg --edit-key C0DEEBED....

  3. A gpg command line console starts, there a passwd command changes the passphrase

  4. Giving the password twice (in my case, simple enter) changes the key.


However, it doesn't work, because gpg2 simply doesn't allow an empty password.



What to do?






gpg







share|improve this question






















  • Is there a reason why using gpg-agent will not work for automating gpg signing tasks?
    – Deathgrip
    Jul 18 '17 at 18:26






  • 2




    @Deathgrip Because the key has also a passphrase. Thus, in the case of signing anything, first this passphrase has to be given. It is an unavoidable human interaction. Thus, it can't be automatized. To automatize the gpg signing, I have to remove the passphrase from the key pair. Gpg can create key pairs without passphrase, and it can also change the passphrase of an existing key pair. The goal is now to remove the existing passphrase from the key pair, making it into a passphrase-less, unprotected one. (Note, file permissions still are still protecting the key pair.)
    – peterh
    Jul 18 '17 at 18:48








  • 1




    Not completely automated, but you can manually start and seed the agent and use it until the machine reboots or your cache's expire. I set max-cache-ttl and default-cache-ttl to 31536000 (365 days). Then "seed" the agent with a command similar to echo | gpg -sa -u <keyid> >/dev/null. A separate script could launch, source the environment file created when starting the agent, then sign a file. In the script, execute gpg with --batch mode and it should return an error if a password is required. Send an alert if that happens. I do a few things like this utilizing ssh and gpg agents.
    – Deathgrip
    Jul 18 '17 at 21:47










  • what's the purpose of a key password then if you can just remove it?
    – AnonymousLurker
    Nov 27 at 0:34










  • @AnonymousLurker In general, it exists in the key as some hash or salt. Thus, you can't so easily remove it, it requires a dictionary attack to do that. In the special case of this question, the password is an obstacle to automatize the key-based encryption.
    – peterh
    Nov 27 at 0:37













up vote
3
down vote

favorite









up vote
3
down vote

favorite











Yes, I know it is a step into a lesser secure system, but the current setting makes it reasonable (the key is not important, but the signing has to be automatized).



Google results say this:




  1. List the keys with a gpg --list-keys

  2. Edit the key with a gpg --edit-key C0DEEBED....

  3. A gpg command line console starts, there a passwd command changes the passphrase

  4. Giving the password twice (in my case, simple enter) changes the key.


However, it doesn't work, because gpg2 simply doesn't allow an empty password.



What to do?






gpg







share|improve this question













Yes, I know it is a step into a lesser secure system, but the current setting makes it reasonable (the key is not important, but the signing has to be automatized).



Google results say this:




  1. List the keys with a gpg --list-keys

  2. Edit the key with a gpg --edit-key C0DEEBED....

  3. A gpg command line console starts, there a passwd command changes the passphrase

  4. Giving the password twice (in my case, simple enter) changes the key.


However, it doesn't work, because gpg2 simply doesn't allow an empty password.



What to do?






gpg




gpg






share|improve this question













share|improve this question











share|improve this question




share|improve this question










asked Jul 18 '17 at 17:59









peterh

4,09292956




4,09292956












  • Is there a reason why using gpg-agent will not work for automating gpg signing tasks?
    – Deathgrip
    Jul 18 '17 at 18:26






  • 2




    @Deathgrip Because the key has also a passphrase. Thus, in the case of signing anything, first this passphrase has to be given. It is an unavoidable human interaction. Thus, it can't be automatized. To automatize the gpg signing, I have to remove the passphrase from the key pair. Gpg can create key pairs without passphrase, and it can also change the passphrase of an existing key pair. The goal is now to remove the existing passphrase from the key pair, making it into a passphrase-less, unprotected one. (Note, file permissions still are still protecting the key pair.)
    – peterh
    Jul 18 '17 at 18:48








  • 1




    Not completely automated, but you can manually start and seed the agent and use it until the machine reboots or your cache's expire. I set max-cache-ttl and default-cache-ttl to 31536000 (365 days). Then "seed" the agent with a command similar to echo | gpg -sa -u <keyid> >/dev/null. A separate script could launch, source the environment file created when starting the agent, then sign a file. In the script, execute gpg with --batch mode and it should return an error if a password is required. Send an alert if that happens. I do a few things like this utilizing ssh and gpg agents.
    – Deathgrip
    Jul 18 '17 at 21:47










  • what's the purpose of a key password then if you can just remove it?
    – AnonymousLurker
    Nov 27 at 0:34










  • @AnonymousLurker In general, it exists in the key as some hash or salt. Thus, you can't so easily remove it, it requires a dictionary attack to do that. In the special case of this question, the password is an obstacle to automatize the key-based encryption.
    – peterh
    Nov 27 at 0:37


















  • Is there a reason why using gpg-agent will not work for automating gpg signing tasks?
    – Deathgrip
    Jul 18 '17 at 18:26






  • 2




    @Deathgrip Because the key has also a passphrase. Thus, in the case of signing anything, first this passphrase has to be given. It is an unavoidable human interaction. Thus, it can't be automatized. To automatize the gpg signing, I have to remove the passphrase from the key pair. Gpg can create key pairs without passphrase, and it can also change the passphrase of an existing key pair. The goal is now to remove the existing passphrase from the key pair, making it into a passphrase-less, unprotected one. (Note, file permissions still are still protecting the key pair.)
    – peterh
    Jul 18 '17 at 18:48








  • 1




    Not completely automated, but you can manually start and seed the agent and use it until the machine reboots or your cache's expire. I set max-cache-ttl and default-cache-ttl to 31536000 (365 days). Then "seed" the agent with a command similar to echo | gpg -sa -u <keyid> >/dev/null. A separate script could launch, source the environment file created when starting the agent, then sign a file. In the script, execute gpg with --batch mode and it should return an error if a password is required. Send an alert if that happens. I do a few things like this utilizing ssh and gpg agents.
    – Deathgrip
    Jul 18 '17 at 21:47










  • what's the purpose of a key password then if you can just remove it?
    – AnonymousLurker
    Nov 27 at 0:34










  • @AnonymousLurker In general, it exists in the key as some hash or salt. Thus, you can't so easily remove it, it requires a dictionary attack to do that. In the special case of this question, the password is an obstacle to automatize the key-based encryption.
    – peterh
    Nov 27 at 0:37
















Is there a reason why using gpg-agent will not work for automating gpg signing tasks?
– Deathgrip
Jul 18 '17 at 18:26




Is there a reason why using gpg-agent will not work for automating gpg signing tasks?
– Deathgrip
Jul 18 '17 at 18:26




2




2




@Deathgrip Because the key has also a passphrase. Thus, in the case of signing anything, first this passphrase has to be given. It is an unavoidable human interaction. Thus, it can't be automatized. To automatize the gpg signing, I have to remove the passphrase from the key pair. Gpg can create key pairs without passphrase, and it can also change the passphrase of an existing key pair. The goal is now to remove the existing passphrase from the key pair, making it into a passphrase-less, unprotected one. (Note, file permissions still are still protecting the key pair.)
– peterh
Jul 18 '17 at 18:48






@Deathgrip Because the key has also a passphrase. Thus, in the case of signing anything, first this passphrase has to be given. It is an unavoidable human interaction. Thus, it can't be automatized. To automatize the gpg signing, I have to remove the passphrase from the key pair. Gpg can create key pairs without passphrase, and it can also change the passphrase of an existing key pair. The goal is now to remove the existing passphrase from the key pair, making it into a passphrase-less, unprotected one. (Note, file permissions still are still protecting the key pair.)
– peterh
Jul 18 '17 at 18:48






1




1




Not completely automated, but you can manually start and seed the agent and use it until the machine reboots or your cache's expire. I set max-cache-ttl and default-cache-ttl to 31536000 (365 days). Then "seed" the agent with a command similar to echo | gpg -sa -u <keyid> >/dev/null. A separate script could launch, source the environment file created when starting the agent, then sign a file. In the script, execute gpg with --batch mode and it should return an error if a password is required. Send an alert if that happens. I do a few things like this utilizing ssh and gpg agents.
– Deathgrip
Jul 18 '17 at 21:47




Not completely automated, but you can manually start and seed the agent and use it until the machine reboots or your cache's expire. I set max-cache-ttl and default-cache-ttl to 31536000 (365 days). Then "seed" the agent with a command similar to echo | gpg -sa -u <keyid> >/dev/null. A separate script could launch, source the environment file created when starting the agent, then sign a file. In the script, execute gpg with --batch mode and it should return an error if a password is required. Send an alert if that happens. I do a few things like this utilizing ssh and gpg agents.
– Deathgrip
Jul 18 '17 at 21:47












what's the purpose of a key password then if you can just remove it?
– AnonymousLurker
Nov 27 at 0:34




what's the purpose of a key password then if you can just remove it?
– AnonymousLurker
Nov 27 at 0:34












@AnonymousLurker In general, it exists in the key as some hash or salt. Thus, you can't so easily remove it, it requires a dictionary attack to do that. In the special case of this question, the password is an obstacle to automatize the key-based encryption.
– peterh
Nov 27 at 0:37




@AnonymousLurker In general, it exists in the key as some hash or salt. Thus, you can't so easily remove it, it requires a dictionary attack to do that. In the special case of this question, the password is an obstacle to automatize the key-based encryption.
– peterh
Nov 27 at 0:37










3 Answers
3






active

oldest

votes

















up vote
1
down vote



accepted










With pinentry-0.8.1 (and gnupg2-2.0.22) on Centos 7 I was able to remove the passphrase from the secret key by not specifying a new password; pinentry did whine and warn about the blank password but both the console and GTK pinentry programs had a "Take this one anyway" prompt that resulted in a password-free secret key.



On the other hand, this attempt failed as the then imported secret key is marked as unusable:



gpg --export-options export-reset-subkey-passwd --export-secret-subkeys > x





share|improve this answer





















  • I dug sources a lot, I tried pinentry (completely undocumented command line interface), I used gpg --change-passphrase, I commented out "use agent" in ~/.gnupg/gpg.conf, and somehow, somewhere it started to work. I am too disappointed to invest even a little second into this any more. But thank you very much.
    – peterh
    Jul 18 '17 at 23:46






  • 1




    Yeah, I'm using gpg 1.4 elsewhere as gpg2 annoys me too much.
    – thrig
    Jul 19 '17 at 0:05


















up vote
2
down vote













Well, I succeed in removing passphrase or creating new key without passphrase by using pinentry-gtk-2 as the pinentry program. Here is what I have done:



There is no config file in ~/.gnupg. I created a symbolic link from /usr/bin/pinentry to /usr/bin/pinentry-gtk-2



 sudo ln -s /usr/bin/pinentry-gtk-2 /usr/bin/pinentry


It also worked over an SSH connection with X11 forwarding.






share|improve this answer























  • Welcome on the Unix SE! I fighted a lot with the ncurses-based pinentry, but without success.
    – peterh
    Oct 1 at 21:32


















up vote
0
down vote













I was able to do this using Kleopatra.
In the application right-click on the keypair you want to remove the passphrase from.
Click Change passphrase.... Enter the passphrase in the pop up window. In the next pop up window leave both
inputs empty and click Ok. click the option similar to Yes, protection is not needed. These last two pop ups may show up a couple times as confirmation. Just leave the inputs for new passphrase blank and click Ok. Then you will receive a confirmation that "The passphrase has been successfully reset".






share|improve this answer








New contributor




Bahman.A is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.


















    Your Answer








    StackExchange.ready(function() {
    var channelOptions = {
    tags: "".split(" "),
    id: "106"
    };
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function() {
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled) {
    StackExchange.using("snippets", function() {
    createEditor();
    });
    }
    else {
    createEditor();
    }
    });

    function createEditor() {
    StackExchange.prepareEditor({
    heartbeatType: 'answer',
    convertImagesToLinks: false,
    noModals: true,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: null,
    bindNavPrevention: true,
    postfix: "",
    imageUploader: {
    brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
    contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
    allowUrls: true
    },
    onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    });


    }
    });














    draft saved

    draft discarded


















    StackExchange.ready(
    function () {
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f379352%2fhow-can-i-remove-the-passphrase-from-a-gpg2-private-key%23new-answer', 'question_page');
    }
    );

    Post as a guest















    Required, but never shown

























    3 Answers
    3






    active

    oldest

    votes








    3 Answers
    3






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes








    up vote
    1
    down vote



    accepted










    With pinentry-0.8.1 (and gnupg2-2.0.22) on Centos 7 I was able to remove the passphrase from the secret key by not specifying a new password; pinentry did whine and warn about the blank password but both the console and GTK pinentry programs had a "Take this one anyway" prompt that resulted in a password-free secret key.



    On the other hand, this attempt failed as the then imported secret key is marked as unusable:



    gpg --export-options export-reset-subkey-passwd --export-secret-subkeys > x





    share|improve this answer





















    • I dug sources a lot, I tried pinentry (completely undocumented command line interface), I used gpg --change-passphrase, I commented out "use agent" in ~/.gnupg/gpg.conf, and somehow, somewhere it started to work. I am too disappointed to invest even a little second into this any more. But thank you very much.
      – peterh
      Jul 18 '17 at 23:46






    • 1




      Yeah, I'm using gpg 1.4 elsewhere as gpg2 annoys me too much.
      – thrig
      Jul 19 '17 at 0:05















    up vote
    1
    down vote



    accepted










    With pinentry-0.8.1 (and gnupg2-2.0.22) on Centos 7 I was able to remove the passphrase from the secret key by not specifying a new password; pinentry did whine and warn about the blank password but both the console and GTK pinentry programs had a "Take this one anyway" prompt that resulted in a password-free secret key.



    On the other hand, this attempt failed as the then imported secret key is marked as unusable:



    gpg --export-options export-reset-subkey-passwd --export-secret-subkeys > x





    share|improve this answer





















    • I dug sources a lot, I tried pinentry (completely undocumented command line interface), I used gpg --change-passphrase, I commented out "use agent" in ~/.gnupg/gpg.conf, and somehow, somewhere it started to work. I am too disappointed to invest even a little second into this any more. But thank you very much.
      – peterh
      Jul 18 '17 at 23:46






    • 1




      Yeah, I'm using gpg 1.4 elsewhere as gpg2 annoys me too much.
      – thrig
      Jul 19 '17 at 0:05













    up vote
    1
    down vote



    accepted







    up vote
    1
    down vote



    accepted






    With pinentry-0.8.1 (and gnupg2-2.0.22) on Centos 7 I was able to remove the passphrase from the secret key by not specifying a new password; pinentry did whine and warn about the blank password but both the console and GTK pinentry programs had a "Take this one anyway" prompt that resulted in a password-free secret key.



    On the other hand, this attempt failed as the then imported secret key is marked as unusable:



    gpg --export-options export-reset-subkey-passwd --export-secret-subkeys > x





    share|improve this answer












    With pinentry-0.8.1 (and gnupg2-2.0.22) on Centos 7 I was able to remove the passphrase from the secret key by not specifying a new password; pinentry did whine and warn about the blank password but both the console and GTK pinentry programs had a "Take this one anyway" prompt that resulted in a password-free secret key.



    On the other hand, this attempt failed as the then imported secret key is marked as unusable:



    gpg --export-options export-reset-subkey-passwd --export-secret-subkeys > x






    share|improve this answer












    share|improve this answer



    share|improve this answer










    answered Jul 18 '17 at 20:11









    thrig

    23.8k12955




    23.8k12955












    • I dug sources a lot, I tried pinentry (completely undocumented command line interface), I used gpg --change-passphrase, I commented out "use agent" in ~/.gnupg/gpg.conf, and somehow, somewhere it started to work. I am too disappointed to invest even a little second into this any more. But thank you very much.
      – peterh
      Jul 18 '17 at 23:46






    • 1




      Yeah, I'm using gpg 1.4 elsewhere as gpg2 annoys me too much.
      – thrig
      Jul 19 '17 at 0:05


















    • I dug sources a lot, I tried pinentry (completely undocumented command line interface), I used gpg --change-passphrase, I commented out "use agent" in ~/.gnupg/gpg.conf, and somehow, somewhere it started to work. I am too disappointed to invest even a little second into this any more. But thank you very much.
      – peterh
      Jul 18 '17 at 23:46






    • 1




      Yeah, I'm using gpg 1.4 elsewhere as gpg2 annoys me too much.
      – thrig
      Jul 19 '17 at 0:05
















    I dug sources a lot, I tried pinentry (completely undocumented command line interface), I used gpg --change-passphrase, I commented out "use agent" in ~/.gnupg/gpg.conf, and somehow, somewhere it started to work. I am too disappointed to invest even a little second into this any more. But thank you very much.
    – peterh
    Jul 18 '17 at 23:46




    I dug sources a lot, I tried pinentry (completely undocumented command line interface), I used gpg --change-passphrase, I commented out "use agent" in ~/.gnupg/gpg.conf, and somehow, somewhere it started to work. I am too disappointed to invest even a little second into this any more. But thank you very much.
    – peterh
    Jul 18 '17 at 23:46




    1




    1




    Yeah, I'm using gpg 1.4 elsewhere as gpg2 annoys me too much.
    – thrig
    Jul 19 '17 at 0:05




    Yeah, I'm using gpg 1.4 elsewhere as gpg2 annoys me too much.
    – thrig
    Jul 19 '17 at 0:05












    up vote
    2
    down vote













    Well, I succeed in removing passphrase or creating new key without passphrase by using pinentry-gtk-2 as the pinentry program. Here is what I have done:



    There is no config file in ~/.gnupg. I created a symbolic link from /usr/bin/pinentry to /usr/bin/pinentry-gtk-2



     sudo ln -s /usr/bin/pinentry-gtk-2 /usr/bin/pinentry


    It also worked over an SSH connection with X11 forwarding.






    share|improve this answer























    • Welcome on the Unix SE! I fighted a lot with the ncurses-based pinentry, but without success.
      – peterh
      Oct 1 at 21:32















    up vote
    2
    down vote













    Well, I succeed in removing passphrase or creating new key without passphrase by using pinentry-gtk-2 as the pinentry program. Here is what I have done:



    There is no config file in ~/.gnupg. I created a symbolic link from /usr/bin/pinentry to /usr/bin/pinentry-gtk-2



     sudo ln -s /usr/bin/pinentry-gtk-2 /usr/bin/pinentry


    It also worked over an SSH connection with X11 forwarding.






    share|improve this answer























    • Welcome on the Unix SE! I fighted a lot with the ncurses-based pinentry, but without success.
      – peterh
      Oct 1 at 21:32













    up vote
    2
    down vote










    up vote
    2
    down vote









    Well, I succeed in removing passphrase or creating new key without passphrase by using pinentry-gtk-2 as the pinentry program. Here is what I have done:



    There is no config file in ~/.gnupg. I created a symbolic link from /usr/bin/pinentry to /usr/bin/pinentry-gtk-2



     sudo ln -s /usr/bin/pinentry-gtk-2 /usr/bin/pinentry


    It also worked over an SSH connection with X11 forwarding.






    share|improve this answer














    Well, I succeed in removing passphrase or creating new key without passphrase by using pinentry-gtk-2 as the pinentry program. Here is what I have done:



    There is no config file in ~/.gnupg. I created a symbolic link from /usr/bin/pinentry to /usr/bin/pinentry-gtk-2



     sudo ln -s /usr/bin/pinentry-gtk-2 /usr/bin/pinentry


    It also worked over an SSH connection with X11 forwarding.







    share|improve this answer














    share|improve this answer



    share|improve this answer








    edited Oct 1 at 21:31







    user88036

















    answered Oct 1 at 21:28









    miyasagi

    212




    212












    • Welcome on the Unix SE! I fighted a lot with the ncurses-based pinentry, but without success.
      – peterh
      Oct 1 at 21:32


















    • Welcome on the Unix SE! I fighted a lot with the ncurses-based pinentry, but without success.
      – peterh
      Oct 1 at 21:32
















    Welcome on the Unix SE! I fighted a lot with the ncurses-based pinentry, but without success.
    – peterh
    Oct 1 at 21:32




    Welcome on the Unix SE! I fighted a lot with the ncurses-based pinentry, but without success.
    – peterh
    Oct 1 at 21:32










    up vote
    0
    down vote













    I was able to do this using Kleopatra.
    In the application right-click on the keypair you want to remove the passphrase from.
    Click Change passphrase.... Enter the passphrase in the pop up window. In the next pop up window leave both
    inputs empty and click Ok. click the option similar to Yes, protection is not needed. These last two pop ups may show up a couple times as confirmation. Just leave the inputs for new passphrase blank and click Ok. Then you will receive a confirmation that "The passphrase has been successfully reset".






    share|improve this answer








    New contributor




    Bahman.A is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
    Check out our Code of Conduct.






















      up vote
      0
      down vote













      I was able to do this using Kleopatra.
      In the application right-click on the keypair you want to remove the passphrase from.
      Click Change passphrase.... Enter the passphrase in the pop up window. In the next pop up window leave both
      inputs empty and click Ok. click the option similar to Yes, protection is not needed. These last two pop ups may show up a couple times as confirmation. Just leave the inputs for new passphrase blank and click Ok. Then you will receive a confirmation that "The passphrase has been successfully reset".






      share|improve this answer








      New contributor




      Bahman.A is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.




















        up vote
        0
        down vote










        up vote
        0
        down vote









        I was able to do this using Kleopatra.
        In the application right-click on the keypair you want to remove the passphrase from.
        Click Change passphrase.... Enter the passphrase in the pop up window. In the next pop up window leave both
        inputs empty and click Ok. click the option similar to Yes, protection is not needed. These last two pop ups may show up a couple times as confirmation. Just leave the inputs for new passphrase blank and click Ok. Then you will receive a confirmation that "The passphrase has been successfully reset".






        share|improve this answer








        New contributor




        Bahman.A is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
        Check out our Code of Conduct.









        I was able to do this using Kleopatra.
        In the application right-click on the keypair you want to remove the passphrase from.
        Click Change passphrase.... Enter the passphrase in the pop up window. In the next pop up window leave both
        inputs empty and click Ok. click the option similar to Yes, protection is not needed. These last two pop ups may show up a couple times as confirmation. Just leave the inputs for new passphrase blank and click Ok. Then you will receive a confirmation that "The passphrase has been successfully reset".







        share|improve this answer








        New contributor




        Bahman.A is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
        Check out our Code of Conduct.









        share|improve this answer



        share|improve this answer






        New contributor




        Bahman.A is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
        Check out our Code of Conduct.









        answered Nov 26 at 23:37









        Bahman.A

        12




        12




        New contributor




        Bahman.A is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
        Check out our Code of Conduct.





        New contributor





        Bahman.A is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
        Check out our Code of Conduct.






        Bahman.A is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
        Check out our Code of Conduct.






























            draft saved

            draft discarded




















































            Thanks for contributing an answer to Unix & Linux Stack Exchange!


            • Please be sure to answer the question. Provide details and share your research!

            But avoid



            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.


            To learn more, see our tips on writing great answers.





            Some of your past answers have not been well-received, and you're in danger of being blocked from answering.


            Please pay close attention to the following guidance:


            • Please be sure to answer the question. Provide details and share your research!

            But avoid



            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.


            To learn more, see our tips on writing great answers.




            draft saved


            draft discarded














            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f379352%2fhow-can-i-remove-the-passphrase-from-a-gpg2-private-key%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown





















































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown

































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown







            -

            Popular posts from this blog

            Accessing regular linux commands in Huawei's Dopra Linux

            Image
            4 Backstory: I have a Huawei HG8245 router in my house and I want to change the default username/password. I've tried following this guide but the config file always gets reset. My ISP isn't helping either so I'm looking for other ways to accomplish this. The router has telnet access so this seems like a way to change the credentials. The first shell I gain access to looks like this: WAP> Pressing "?" gives me a list of available commands which I've pasted here, the two interesting ones are "su" and "shell". I can't seem to get su access, even after logging in as root (challenge password prompt, and then nothing happens), but shell gives me a proper linux shell. WAP>shell BusyBox v1.18.4 (2017-12-26 17:06:34 CST) built-in shell (ash) Enter 'hel...
            Read more

            Can't connect RFCOMM socket: Host is down

            Image
            up vote 3 down vote favorite I have bluez 5.4.3 and I am attempting to communicate with a ble device through minicom. These two deceives (my computer and a bluno nano) are alreadt paired and this has been my method so far. #bluetoothctl # pair xx:xx:xx:xx:xx:xx # exit Everything is working well so far then... #sudo rfcomm connect /dev/rfcomm0 xx:xx:xx:xx:xx:xx 1 & [1] 3665 Can't connect RFCOMM socket: Host is down Does anyone know how to resolve this issue? Any help would be very much appreciated. bluetooth bluez share | improve this question asked Feb 9 '17 at 18:46 Brandon Knape 46 2 ...
            Read more

            Kernel panic - not syncing: Fatal Exception in Interrupt

            Image
            0 Every day this error occured on my pc, kernel panic error on interrupt, what will be the problem? linux-mint share asked 6 mins ago Vinod Selvin Vinod Selvin 1 1 New contributor Vinod Selvin is a new contributor to this site. Take care in asking for clarification, commenting, and answering. Check out our Code of Conduct. add a comment ...
            Read more