GPG Change Passphrase Secret Key Password Command

I know how to cange a passphrase for openssh using ssh-keygen command. How do I change a GPG encryption key’s passphrase on Linux or Unix like operating systems? How do I change the passphrase of the secret key using gpg?

Tutorial details
DifficultyEasy (rss)
Root privilegesNo
RequirementsGNU gpg
Time2m
gpg is the OpenPGP part of the GNU Privacy Guard (GnuPG). It is a tool to provide digital encryption and signing services using the OpenPGP standard. You can use the gpg command for complete key management including setting up keys, change key passphrase, list keys and much more.

ADVERTISEMENTS

Change the passphrase of the secret key

The syntax is:
gpg --edit-key Your-Key-ID-Here
gpg> passwd
gpg> save

You need type the passwd command followed by the save command at gpg> prompt to change the passphrase for your key-ID.

Examples

First, list your keys with the following command:

gpg --list-keys

Sample outputs:

/root/.gnupg/pubring.gpg
------------------------
pub   4096R/9AABBCD8 2013-10-04
uid                  Home Nas Server (Home Nas Server Backup) 
sub   4096R/149D60C7 2013-10-04

You need to note down the public key 9AABBCD8. Next, type the following command:

gpg --edit-key 9AABBCD8

Sample outputs:

gpg (GnuPG) 1.4.12; Copyright (C) 2012 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Secret key is available.
pub 4096R/9AABBCD8 created: 2013-10-04 expires: never usage: SC trust: ultimate validity: ultimate sub 4096R/149D60C7 created: 2013-10-04 expires: never usage: E [ultimate] (1). Home Nas Server (Home Nas Server Backup)
gpg>

Type the passwd command at gpg> prompt to change the passphrase:

gpg> passwd

You need to supply old passphrase to unlock the secret key:

Key is protected.
You need a passphrase to unlock the secret key for user: "Home Nas Server (Home Nas Server Backup) " 4096-bit RSA key, ID 9AABBCD8, created 2013-10-04
Enter passphrase: TYPE-YOUR-OLD-PASSPHRASE-HERE

Finally, enter the new passphrase:

Enter the new passphrase for this secret key.
Enter passphrase: TYPE-YOUR-new-PASSPHRASE-HERE Repeat passphrase: again-TYPE-YOUR-new-PASSPHRASE-HERE

To save all changes to the key rings and quit, type save at gpg> prompt:

gpg> save

For more information read gpg(1) man page.

🐧 Get the latest tutorials on SysAdmin, Linux/Unix, Open Source/DevOps topics:
CategoryList of Unix and Linux commands
File Managementcat
FirewallCentOS 8 OpenSUSE RHEL 8 Ubuntu 16.04 Ubuntu 18.04 Ubuntu 20.04
Network Utilitiesdig host ip nmap
OpenVPNCentOS 7 CentOS 8 Debian 10 Debian 8/9 Ubuntu 18.04 Ubuntu 20.04
Package Managerapk apt
Processes Managementbg chroot cron disown fg jobs killall kill pidof pstree pwdx time
Searchinggrep whereis which
User Informationgroups id lastcomm last lid/libuser-lid logname members users whoami who w
WireGuard VPNCentOS 8 Debian 10 Firewall Ubuntu 20.04

ADVERTISEMENTS
6 comments… add one
  • Calin Oct 14, 2013 @ 4:56

    There’s a typo in first row. Btw, nice article.

  • Jalal Hajigholamali Oct 14, 2013 @ 10:13

    Hi,

    Thanks a lot for very useful and nice article

  • Antonio Nov 12, 2013 @ 15:56

    Thank you. I searched for this literally for YEARS.

  • Dan Kozlowski Jul 6, 2014 @ 18:57

    You can also use the email address as the key ID (since you likely know it):

    “`
    gpg –edit-key dan@example.com
    “`

  • Jonas Nov 13, 2014 @ 8:14

    Its my first time having errors with my launchpad passphrase. This is very helpful.

    Thank you so much!!

  • Warren Sep 2, 2016 @ 3:39

    Been having a problem getting gpg-agent to ask for passphrases. It won’t. Have spent two whole days trying every solution I could find on the web, with no joy. In this case:

    gpg> passwd
    Key is protected.

    You need a passphrase to unlock the secret key for
    user: "Warren Severin (replaces 3CF67BAB6C4105E8 which has been revoked) "
    2048-bit RSA key, ID 6EE32E11, created 2012-12-09

    gpg: cancelled by user
    Can't edit this key: bad passphrase

    gpg>

    Never asked for a passphrase. Any help appreciated. Thanks!

Leave a Reply

Your email address will not be published.

Use HTML <pre>...</pre>, <code>...</code> and <kbd>...</kbd> for code samples.