[Bug 279224] New: Kleopatra feature request: should encrypt exported certificates

jonathan ferguson jdpf.plus at gmail.com
Wed Aug 3 00:11:33 BST 2011


https://bugs.kde.org/show_bug.cgi?id=279224

           Summary: Kleopatra feature request: should encrypt exported
                    certificates
           Product: kleopatra
           Version: 2.0.8
          Platform: Debian testing
        OS/Version: Linux
            Status: UNCONFIRMED
          Severity: wishlist
          Priority: NOR
         Component: general
        AssignedTo: kdepim-bugs at kde.org
        ReportedBy: jdpf.plus at gmail.com
                CC: mutz at kde.org


Version:           2.0.8 (using KDE 4.6.5) 
OS:                Linux

This is a feature request to encrypt GPG certificates when exporting private
keys. As of Kleopatra 2.0.12, "File --> Export Secret Key..." will copy the GPG
private key in an ASCII armored (if desired) format. This key is unencrypted,
and at risk of compromise. Encrypting the key using a symmetric algorithm is
easy to do with GPG, and would protect users who want/need to have their
private keys on removable media, or in multiple active locations.

Exporting the public and private GPG keys in an encrypted fashion can be done
using the following commands [1], for example:

gpg -K
gpg --output pubkey.gpg --export {KEYID}
gpg --output - --export-secret-key {KEYID} |\
 cat pubkey.gpg - |\
 gpg --armor --output keys.asc --symmetric --cipher-algo AES256

pinentry, if installed and configured, will prompt users for a symmetric AES256
passphrase. The resulting asc file will then be encrypted, and can be sent
across a dangerous network, or written to, say, a Flash device. The UI should
make clear that the password is encrypting the asc file only. At present, the
help files for Kleopatra only say "File -> Export Secret Key..." should
basically not be done. This is unhelpful to end users, and is comparatively
easy to fix.

In a related note, eradicating stored data (in this case, the exported private
GPG key), is the subject of debate [2,3,4]. Exporting the file in an encrypted
fashion permits the UI to "do the right thing" even if a user is not well
educated in cryptography. Of course, some explanatory text for the export
dialog would serve users well. In these cases, "shred" is your friend. :-)

[1] http://montemazuma.wordpress.com/2010/03/01/moving-a-gpg-key-privately/

[2] http://en.wikipedia.org/wiki/Data_remanence

[3] http://www.nber.org/sys-admin/overwritten-data-gutmann.html

[4] http://www.usenix.org/publications/library/proceedings/sec96/full_papers/gutmann/index.html

Thanks for making great software!

have a day.yad

jdpf

Reproducible: Always

Steps to Reproduce:
1. Launch Kleopatra.
2. Choose a "certificate"
3. Choose "File --> Export Secret Key..."
4. Read the resulting keyfile, it is the naked GPG private key.

Actual Results:  
The resulting keyfile, it is the naked GPG private key.

Expected Results:  
Resulting keyfile from "Export Secret Key..." should be AES encrypted. Like so:

gpg -K
gpg --output pubkey.gpg --export {KEYID}
gpg --output - --export-secret-key {KEYID} |\
 cat pubkey.gpg - |\
 gpg --armor --output keys.asc --symmetric --cipher-algo AES256


Example from
http://montemazuma.wordpress.com/2010/03/01/moving-a-gpg-key-privately/

OS: Linux (x86_64) release 2.6.39-2-amd64
Compiler: gcc
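
Added example, not part of the original bug report or of Kleopatra: a Python check that tells whether an export file is a bare secret key block (as in step 4 above) or a passphrase-wrapped message such as keys.asc, by reading the first OpenPGP packet tag. The sample byte strings and the names classify, is_wrapped and armor are constructed for illustration.

```python
import base64

# First-packet tags (RFC 4880, section 4.3) that matter for an export file.
TAGS = {1: "public-key-encrypted", 3: "symmetric-encrypted",
        5: "secret-key", 6: "public-key"}

def dearmor(text):
    """Return the binary payload of one ASCII-armored OpenPGP block."""
    lines = [l.strip() for l in text.strip().splitlines()]
    if not lines or not lines[0].startswith("-----BEGIN PGP "):
        raise ValueError("not ASCII armor")
    body = lines[lines.index("") + 1:]       # armor headers end at the blank line
    b64 = []
    for line in body:
        if line.startswith("=") or line.startswith("-----END"):
            break                            # CRC24 line or footer reached
        b64.append(line)
    return base64.b64decode("".join(b64))

def first_tag(data):
    """Decode the packet tag from the first header octet (old or new format)."""
    if not data or not data[0] & 0x80:
        raise ValueError("not an OpenPGP packet")
    b = data[0]
    return b & 0x3F if b & 0x40 else (b >> 2) & 0x0F

def classify(blob):
    """Classify an export file (armored or binary) by its outermost packet."""
    if blob.lstrip().startswith(b"-----BEGIN PGP "):
        blob = dearmor(blob.decode("ascii"))
    return TAGS.get(first_tag(blob), "other")

def is_wrapped(blob):
    """True only if the file opens with a symmetric-key ESK packet (tag 3)."""
    return classify(blob) == "symmetric-encrypted"

# --- constructed sample data, not real key material ---
# Old-format tag 3 header, then v4 / AES256 / iterated+salted S2K fields.
SKESK = bytes([0x8C, 0x0D, 0x04, 0x09, 0x03, 0x02]) + bytes(8) + b"\x60"
# Old-format tag 5 header (two-octet length) with a dummy 3-byte body.
SECRET = bytes([0x95, 0x00, 0x03, 0x04, 0x00, 0x00])

def armor(kind, data):
    """Build a minimal armor block (no CRC line) around constructed bytes."""
    b64 = base64.b64encode(data).decode()
    return f"-----BEGIN PGP {kind}-----\n\n{b64}\n-----END PGP {kind}-----\n".encode()

if __name__ == "__main__":
    for name, blob in [("keys.asc", armor("MESSAGE", SKESK)),
                       ("secret.asc", armor("PRIVATE KEY BLOCK", SECRET))]:
        print(name, classify(blob), "wrapped" if is_wrapped(blob) else "NOT wrapped")
```

The check looks only at the outermost packet, so it says whether the file as a whole is wrapped, not how strong the passphrase is.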
