Join the Mozilla’s Test Days event from Dec 2–8 to test the new Firefox address bar on Firefox Beta 134 and get a chance to win Mozilla swag vouchers! 🎁

Sykje yn Support

Mij stipescams. Wy sille jo nea freegje in telefoannûmer te beljen, der in sms nei ta te stjoeren of persoanlike gegevens te dielen. Meld fertochte aktiviteit mei de opsje ‘Misbrûk melde’.

Mear ynfo

Dizze konversaasje is argivearre. Stel in nije fraach as jo help nedich hawwe.

TB 102.2.2 generates pgp key pairs without passphrase

  • 3 antwurd
  • 0 hawwe dit probleem
  • 6 werjeftes
  • Lêste antwurd fan christ1

more options

When I generate a new pgp key pair in Thunderbird, that seems to work, but it never asks for a passphrase and just pretends I now had a working private and public key. I tried it with different email addresses - always the same.

Since I have just upgraded to Ubuntu 22.04 and everything freshly installed, I also imported all the public keys I had to Thunderbird, wich worked well. As I tried to send an encrypted test email with my new strange key pair, thunderbird didn't allow me to use encryption on the email - which I found a bit relieving, since I was having a private key that you don't even need a passphrase for... I have immediately revoked and deleted the new key pairs.

Is that a bug in Thunderbird or am I missing something? I have been using pgp for years, so now I am a bit confused...

When I generate a new pgp key pair in Thunderbird, that seems to work, but it never asks for a passphrase and just pretends I now had a working private and public key. I tried it with different email addresses - always the same. Since I have just upgraded to Ubuntu 22.04 and everything freshly installed, I also imported all the public keys I had to Thunderbird, wich worked well. As I tried to send an encrypted test email with my new strange key pair, thunderbird didn't allow me to use encryption on the email - which I found a bit relieving, since I was having a private key that you don't even need a passphrase for... I have immediately revoked and deleted the new key pairs. Is that a bug in Thunderbird or am I missing something? I have been using pgp for years, so now I am a bit confused...

Alle antwurden (3)

more options
When I generate a new pgp key pair in Thunderbird, that seems to work, but it never asks for a passphrase and just pretends I now had a working private and public key.

That is the way it works. The private key is protected by the primary password, assuming you set one in the first place. If you didn't, it is highly recommended to do so. https://support.mozilla.org/en-US/kb/openpgp-thunderbird-howto-and-faq#w_how-is-my-personal-key-protected

As I tried to send an encrypted test email with my new strange key pair, thunderbird didn't allow me to use encryption on the email

I don't understand what that means. You'd need to be more specific about that, what you did, and what happened. Also see https://support.mozilla.org/en-US/kb/openpgp-thunderbird-howto-and-faq#w_what-is-needed-to-send-an-encrypted-message

I have immediately revoked and deleted the new key pairs.

I'm not sure what you were trying to achieve with this.

Bewurke troch christ1 op

more options

Thanks for your reply!

<q>The private key is protected by the primary password, assuming you set one in the first place.</q>

That seems to be new though. In the last version of TB that I used, the primary password was "just" supposed to protect my mail-accounts' passwords, as the according Mozilla Support page is also still saying: https://support.mozilla.org/en-US/kb/protect-your-thunderbird-passwords-primary-password

Additionally, in that previous version, whenever I generated a new key pair, I had to set a passphrase for each specific key pair. And whenever I received an encrypted email, I had to enter that passphrase (not the 'primary password') to decrypt the email. So, as I understand, that specific pgp passphrase does not exist anymore in the current TB version?

The second thing I mentioned seems to be another topic (first I thought it was connected to this one), so I will leave it out of here for now.

more options
That seems to be new though.

Not really. Thunderbird OpenPGP has been introduced in v78. That was more than a year ago.

Additionally, in that previous version, whenever I generated a new key pair, I had to set a passphrase for each specific key pair.

If that 'previous version' was v68, then you're right. There was the Enigmail add-on providing a GUI for key management, and keys were stored in the gnupg keyring. Starting with TB78, things have changed. https://wiki.mozilla.org/Thunderbird:OpenPGP:Migration-From-Enigmail#GnuPG_vs._RNP_and_key_storage

as I understand, that specific pgp passphrase does not exist anymore in the current TB version?

Things are working different now. Please check the link to the FAQ (already posted above). https://support.mozilla.org/en-US/kb/openpgp-thunderbird-howto-and-faq#w_how-is-my-personal-key-protected

There is a ton of information and documentation available for Thunderbird OpenPGP. The FAQ should be a good start.

Bewurke troch christ1 op