GPG Change Passphrase Secret Key Password Command

by on October 13, 2013 · 4 comments· LAST UPDATED October 13, 2013

in , , ,

I know how to cange a passphrase for openssh using ssh-keygen command. How do I change a GPG encryption key's passphrase on Linux or Unix like operating systems? How do I change the passphrase of the secret key using gpg?

Tutorial details
DifficultyEasy (rss)
Root privilegesNo
RequirementsGNU gpg
Estimated completion time2m
gpg is the OpenPGP part of the GNU Privacy Guard (GnuPG). It is a tool to provide digital encryption and signing services using the OpenPGP standard. You can use the gpg command for complete key management including setting up keys, change key passphrase, list keys and much more.

Change the passphrase of the secret key

The syntax is:
gpg --edit-key Your-Key-ID-Here
gpg> passwd
gpg> save

You need type the passwd command followed by the save command at gpg> prompt to change the passphrase for your key-ID.

Examples

First, list your keys with the following command:

 
gpg --list-keys
 

Sample outputs:

/root/.gnupg/pubring.gpg
------------------------
pub   4096R/9AABBCD8 2013-10-04
uid                  Home Nas Server (Home Nas Server Backup) 
sub   4096R/149D60C7 2013-10-04

You need to note down the public key 9AABBCD8. Next, type the following command:

 
gpg --edit-key 9AABBCD8
 

Sample outputs:

gpg (GnuPG) 1.4.12; Copyright (C) 2012 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Secret key is available.
pub 4096R/9AABBCD8 created: 2013-10-04 expires: never usage: SC trust: ultimate validity: ultimate sub 4096R/149D60C7 created: 2013-10-04 expires: never usage: E [ultimate] (1). Home Nas Server (Home Nas Server Backup)
gpg>

Type the passwd command at gpg> prompt to change the passphrase:

gpg> passwd

You need to supply old passphrase to unlock the secret key:

Key is protected.
You need a passphrase to unlock the secret key for user: "Home Nas Server (Home Nas Server Backup) " 4096-bit RSA key, ID 9AABBCD8, created 2013-10-04
Enter passphrase: TYPE-YOUR-OLD-PASSPHRASE-HERE

Finally, enter the new passphrase:

Enter the new passphrase for this secret key.
Enter passphrase: TYPE-YOUR-new-PASSPHRASE-HERE Repeat passphrase: again-TYPE-YOUR-new-PASSPHRASE-HERE

To save all changes to the key rings and quit, type save at gpg> prompt:

gpg> save

For more information read gpg(1) man page.

TwitterFacebookGoogle+PDF versionFound an error/typo on this page? Help us!

{ 4 comments… read them below or add one }

1 Calin October 14, 2013 at 4:56 am

There’s a typo in first row. Btw, nice article.

Reply

2 Jalal Hajigholamali October 14, 2013 at 10:13 am

Hi,

Thanks a lot for very useful and nice article

Reply

3 Antonio November 12, 2013 at 3:56 pm

Thank you. I searched for this literally for YEARS.

Reply

4 Dan Kozlowski July 6, 2014 at 6:57 pm

You can also use the email address as the key ID (since you likely know it):

“`
gpg –edit-key dan@example.com
“`

Reply

Leave a Comment

Tagged as: , , ,

Previous Faq:

Next Faq: