NAME

protect-secretkey - protect the secret decryption value with a new passphrase

SYNOPSIS

protect-secretkey signingkey | encryptionkey outfile

DESCRIPTION

The program prompts the user for a new passphrase which is used to protect the secret decryption value with PCP's protection mechanism. A separate output file will be created to hold the new protected signingkey or encryptionkey. The input files will be either signingkey or encryptionkey located in PCP's home directory depending on the command line arguments. No other file can be processed with this program for security reasons.

If you use the program to protect an unprotected key make sure that the unprotected data is wiped from the filesystem reliably. Finally the secret key used by PCP has to be replaced with "outfile" for the new key to become effective.

You may invoke the program as follows

protect-secretkey signingkey $HOME/.pcp/signingkey to replace the signingkey with the new one in one step, provided you have a backup of the signingkey being overwritten.

CONFIGURATION FILES

$HOME/.pcp/pcp-mode PURE mode is enabled with "pure" in the first line. The default is CONSERVATIVE. c:\pcp\pcp-mode Is the location under WINDOWS.

AUTHOR

Written by Ralf Senderek.

COPYRIGHT

All rights reserved. © 2003
This is free software. Use this software on your own risk or not at all. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

SEE ALSO

pcp - the Pure Crypto Program (http://senderek.de/pcp)
read-pgpkey, read-sshkey, read-opensslkey, sechash, check-keys