Simon Repp on Nostr: (2/2) - During the step "Backup (...) First the old key pair (public & secret):", ...
(2/2)
- During the step "Backup (...) First the old key pair (public & secret):", after the command "gpg --export-secret-keys --armor BF3B5AFCD4480E60 | gpg --symmetric --armor > BF3B5AFCD4480E60.sec" it says "Latest command will ask you for a password 3 times: the first two correspond to the symmetric encryption and the password has to be exactly the same the first two times; third time corresponds to the key pair’s password (the one you set up while creating the new pair)." This slightly confused me, for two reasons: 1) We are exporting the _old_ key pair, but it says "third time corresponds to the key pair’s password (the one you set up while creating the _new_ pair)", so I first was wondering if we are somehow using the new key to encrypt the old key. (but in the end I think I gathered that we just need the old key's passphrase to get it exported here, the mention of "new" is probably an accident). 2) The order seems to be reversed (?) We first export the key (so the first password we enter should be the passphrase of the key itself, and then we pipe the output to gpg --symmetric, and this one then (2nd+3rd passphrase) is the separate passphrase we just use to protect the key for external storage safekeeping?
And that's all. Once again, many thanks for this awesome resource!
- During the step "Backup (...) First the old key pair (public & secret):", after the command "gpg --export-secret-keys --armor BF3B5AFCD4480E60 | gpg --symmetric --armor > BF3B5AFCD4480E60.sec" it says "Latest command will ask you for a password 3 times: the first two correspond to the symmetric encryption and the password has to be exactly the same the first two times; third time corresponds to the key pair’s password (the one you set up while creating the new pair)." This slightly confused me, for two reasons: 1) We are exporting the _old_ key pair, but it says "third time corresponds to the key pair’s password (the one you set up while creating the _new_ pair)", so I first was wondering if we are somehow using the new key to encrypt the old key. (but in the end I think I gathered that we just need the old key's passphrase to get it exported here, the mention of "new" is probably an accident). 2) The order seems to be reversed (?) We first export the key (so the first password we enter should be the passphrase of the key itself, and then we pipe the output to gpg --symmetric, and this one then (2nd+3rd passphrase) is the separate passphrase we just use to protect the key for external storage safekeeping?
And that's all. Once again, many thanks for this awesome resource!