lotus

previous page: 7.1. My secret key ring has been stolen or lost, what do I do? (PGP)
  
page up: PGP FAQ
  
next page: 8.1. What are the Public Key Servers? (PGP)

7.2. I forgot my pass phrase. Can I create a key revocation certificate? (PGP)




Description

This article is from the PGP FAQ, by Jeff Licquia jalicqui@prairienet.org with numerous contributions by others.

7.2. I forgot my pass phrase. Can I create a key revocation certificate? (PGP)

YOU CAN'T, since the pass phrase is required to create the
certificate!

The way to avoid this dilemma is to create a key revocation
certificate at the same time that you generate your key pair. Put the
revocation certificate away in a safe place and you will have it
available should the need arise. You need to be careful how you do
this, however, or you will end up revoking the key pair that you just
generated, and a revocation can't be reversed.

To do this, extract your public key to an ASCII file (using the "-kxa"
option) after you have generated your key pair. Next, create a key
revocation certificate and extract the revoked key to another ASCII
file using the -kxa option again. Finally, delete the revoked key from
your public key ring using the - kr option and put your non-revoked
version back in the ring using the -ka option. Save the revocation
certificate on a floppy so that you don't lose it if you crash your
hard disk sometime.

 

Continue to:













TOP
previous page: 7.1. My secret key ring has been stolen or lost, what do I do? (PGP)
  
page up: PGP FAQ
  
next page: 8.1. What are the Public Key Servers? (PGP)