How to correctly change the passphrase of GPG's secret key?
For GPG 2.1 and later, the private keys are stored in ~/.gnupg/private-keys-v1.d. Each key, including subkeys, is stored as a separate file using the keygrip of the key as the filename:
<keygrip>.key
When using gpg --edit-key to change the passphrase, all subkeys are modified in the private key directory. However, it seems that seahorse is only modifying the main key's private key file.
So, it looks like this is a bug in seahorse. It may be a regression from earlier gpg versions, which stored the private keys in a keyring structure just like the public keys. This behavior was changed in versions 2.1 and later.
Simple test results with a test key, showing that seahorse only modifies the main key's private key file.
Test Key with three subkeys
pub ed25519 2018-12-24 [SC]
988D29CB7CA9D62252B22DEFB42E56952F9FB61C
Keygrip = 8226D19110BAC4FB4D60BC25869E5F23C1BB667F
uid [ultimate] delete me (Delete Me) <[email protected]>
sub cv25519 2018-12-24 [E]
Keygrip = 04B4D2C5CC29926F48DA2C4FD24F03B9595AE51C
sub ed25519 2019-03-25 [SA]
Keygrip = 269995721854253C5F8B48CB40DD24948D580F8C
sub ed25519 2019-03-25 [SA]
Keygrip = 604E0E8F9D9C2B19A823E22A90F08EC2DDCA80BB
Passphrase changed with seahorse
-rw------- 1 user user 333 Mar 25 09:27 8226D19110BAC4FB4D60BC25869E5F23C1BB667F.key
-rw------- 1 user user 333 Mar 25 09:08 604E0E8F9D9C2B19A823E22A90F08EC2DDCA80BB.key
-rw------- 1 user user 333 Mar 25 09:08 269995721854253C5F8B48CB40DD24948D580F8C.key
-rw------- 1 user user 341 Mar 25 09:08 04B4D2C5CC29926F48DA2C4FD24F03B9595AE51C.key
Passphrase changed with gpg --edit-key
-rw------- 1 user user 333 Mar 25 09:37 604E0E8F9D9C2B19A823E22A90F08EC2DDCA80BB.key
-rw------- 1 user user 333 Mar 25 09:37 269995721854253C5F8B48CB40DD24948D580F8C.key
-rw------- 1 user user 341 Mar 25 09:37 04B4D2C5CC29926F48DA2C4FD24F03B9595AE51C.key
-rw------- 1 user user 333 Mar 25 09:37 8226D19110BAC4FB4D60BC25869E5F23C1BB667F.key
Seahorse source code check
After reviewing some of the seahorse source code, it seems likely that the behavior lines up with the older secret keyring gpg methods.
According to the gpgme documentation, the passphrase should be changed using the gpgme gpgme_op_passwd function call. However, this function call does not appear in the seahorse source code.
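The ls comparison above can be automated: list the keygrips of the key, then confirm that every matching file under private-keys-v1.d has been rewritten since a marker file you touched just before changing the passphrase. This is an added example, not code from either answer or from seahorse; it assumes the "Keygrip = ..." line format of gpg --with-keygrip and the default private-keys-v1.d location, and the embedded listing is a constructed sample modelled on the test key above.

```shell
#!/bin/sh
# Added example: verify that a passphrase change re-encrypted the primary key
# AND every subkey file in private-keys-v1.d (a per-keygrip layout, GnuPG 2.1+).
# Workflow: touch MARKER; change the passphrase; run this script against MARKER.
# Any <keygrip>.key not newer than MARKER still carries the old passphrase.

# Constructed sample of `gpg --list-secret-keys --with-keygrip` output,
# mirroring the four keygrips of the test key discussed above.
SAMPLE_LISTING='sec   ed25519 2018-12-24 [SC]
      988D29CB7CA9D62252B22DEFB42E56952F9FB61C
      Keygrip = 8226D19110BAC4FB4D60BC25869E5F23C1BB667F
uid           [ultimate] delete me (Delete Me)
ssb   cv25519 2018-12-24 [E]
      Keygrip = 04B4D2C5CC29926F48DA2C4FD24F03B9595AE51C
ssb   ed25519 2019-03-25 [SA]
      Keygrip = 269995721854253C5F8B48CB40DD24948D580F8C
ssb   ed25519 2019-03-25 [SA]
      Keygrip = 604E0E8F9D9C2B19A823E22A90F08EC2DDCA80BB'

# Read a --with-keygrip listing on stdin; print one hex keygrip per line
# (primary key and all subkeys alike).
keygrips_from_listing() {
    awk '$1 == "Keygrip" && $2 == "=" { print $3 }'
}

# check_all_subkeys_updated KEYDIR MARKER
# Reads keygrips on stdin. Returns 0 when every KEYDIR/<keygrip>.key is newer
# than MARKER; otherwise prints the untouched or missing keygrips and returns 1.
check_all_subkeys_updated() {
    keydir=$1
    marker=$2
    stale=0
    while read -r kg; do
        f="$keydir/$kg.key"
        if [ ! -f "$f" ]; then
            echo "MISSING $kg"
            stale=1
        elif [ -z "$(find "$f" -newer "$marker" -print)" ]; then
            echo "STALE   $kg"          # mtime not after the marker: not re-encrypted
            stale=1
        fi
    done
    return $stale
}

# Stand-alone use: ./check_subkeys.sh <key-id-or-fingerprint> <marker-file> [keydir]
if [ "$#" -ge 2 ]; then
    gpg --list-secret-keys --with-keygrip "$1" | keygrips_from_listing \
        | check_all_subkeys_updated "${3:-$HOME/.gnupg/private-keys-v1.d}" "$2"
fi
```

A non-zero exit with STALE lines reproduces the seahorse result above (primary rewritten, subkeys untouched); a clean exit matches the gpg --edit-key result.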
Seahorse (aka GNOME Passwords and Keys) maintainer here.
I can't comment on RubberStamp's answer here due to not having enough reputation, but Seahorse started using gpgme_op_passwd (or rather its async variant gpgme_op_passwd_start) in Seahorse 3.32.
The code was already in master earlier than that (about a month before the verified answer), but the release was from the 12th of March. Depending on which version your distribution contains, this should already be fixed. If not, feel free to file an issue :-).