Поиск в Поддержке

Избегайте мошенников, выдающих себя за службу поддержки. Мы никогда не попросим вас позвонить, отправить текстовое сообщение или поделиться личной информацией. Сообщайте о подозрительной активности, используя функцию «Пожаловаться».

Подробнее

PGP - On-demand unlocking your secret keys

  • 6 ответов
  • 1 имеет эту проблему
  • 5 просмотров
  • Последний ответ от user3844798

more options

Hello everyone,

I wonder how the secret key will be generated within the new native pgp integration. Cause I never had to set a passphrase, when I was once set up my mail encryption in the new thunderbird. When I tried to find information, how excactly Thunderbird would generate the secret keys, I could only find: "Thunderbird doesn't use on-demand unlocking (key passwords) of your secret keys," but nothing more in detail.

Can anyone please lighten me up? Why do I haven't use a passphrase anymore? And how my secret key will be protected then?

Thanks in advance, B.

Hello everyone, I wonder how the secret key will be generated within the new native pgp integration. Cause I never had to set a passphrase, when I was once set up my mail encryption in the new thunderbird. When I tried to find information, how excactly Thunderbird would generate the secret keys, I could only find: "Thunderbird doesn't use on-demand unlocking (key passwords) of your secret keys," but nothing more in detail. Can anyone please lighten me up? Why do I haven't use a passphrase anymore? And how my secret key will be protected then? Thanks in advance, B.

Выбранное решение

In order to transfer your data to another computer, simply copy over the entire Thunderbird profile - job done. http://kb.mozillazine.org/Move_to_a_new_PC

Alternatively you can export your private key. You'll be prompted for a new passphrase when exporting the key.

Прочитайте этот ответ в контексте 👍 1

Все ответы (6)

more options

Thunderbird uses a randomly generated passphrase which itself is protected by the master password (now called primary password). So for your private keys to be protected in the first place you'll have to set a master password. To verify the private keys are indeed protected, check the error console (Ctrl-Shift-J) and look for something like

Found 52 public keys and 4 secret keys (4 protected, 0 unprotected)
more options

Hey Christ1, thanks for the quick response!

This means my certificate is linked only to the thunderbird programm which I use on a single machine. Is there a way to use the old Enigmail Setup, in which I could define a personal passphrase, instead to install the older tb version?

And what if I want to use my certificate on another machine? As far as I understood, do I have to verify EVERY Mailadress to this new machine. If my infrastructure contains more than a few mailadresses, this makes no sense for me to do it this way at all, maybe somebody can explain the benefits of this routine. I want my old Enigmail back! :D

Seriously, I understand that it is more easy to use for users not to deal with a lots of passphrases, but I find it a little restrictive?

Thanks, B.

more options
Is there a way to use the old Enigmail Setup, in which I could define a personal passphrase, instead to install the older tb version?

Yes, there is. See https://wiki.mozilla.org/Thunderbird:OpenPGP:Smartcards

And what if I want to use my certificate on another machine? As far as I understood, do I have to verify EVERY Mailadress to this new machine.

I don't think I understand what you're trying to achieve. In any case, the easiest way to transfer your Thunderbird data to a new machine is to copy the entire profile.

more options
And what if I want to use my certificate on another machine? As far as I understood, do I have to verify EVERY Mailadress to this new machine.

I don't think I understand what you're trying to achieve. [...]

As far as I understand, when the keys would be randomly generated by i.g. included data linked to the machine I use and if I never know nor linked a passphrase to my personal key by myself, I could never use it on another machine, right? Now I got 20 Recipients with which I would like to commicate via e2ee. And have to verificate every adress to the Thunderbird PGP. If I'd like to use a different thunderbird on my 2nd laptop, I have to verify every key from my recipients again, right? Took a lot of time, if I'm assuming right.

Thanks, B.

more options

Выбранное решение

In order to transfer your data to another computer, simply copy over the entire Thunderbird profile - job done. http://kb.mozillazine.org/Move_to_a_new_PC

Alternatively you can export your private key. You'll be prompted for a new passphrase when exporting the key.

more options

cool, thank you! And sorry for the late answer! B.