Discussion:
GPG passphrase size limit?
(too old to reply)
wanna_use_pgp_again
2010-06-26 20:23:54 UTC
Permalink
Is there a limit to how long a passphrase for gpg can be?

I've just made a new set of keys and I've used a rather long string
for the passphrase. It's 289 characters long. And when I go to test
the new keys out I get a "bad passphrase" notice and signing, etc.
fails.

The problem can't be that I've gotten the passphrase wrong because I
pasted it from the same string in notepad++ each time. And I had the
"hide typing" option off to make sure that I'd gotten it right.

Is there a passphrase size limit? If so how many characters is it?
Nomen Nescio
2010-06-26 22:08:27 UTC
Permalink
Post by wanna_use_pgp_again
Is there a limit to how long a passphrase for gpg can be?
FUCK OFF EELBASH!
Post by wanna_use_pgp_again
I've just made a new set of keys and I've used a rather
long string for the passphrase. It's 289 characters long.
And when I go to test the new keys out I get a "bad
passphrase" notice and signing, etc. fails.
SHUT UP EELBASH!
Post by wanna_use_pgp_again
The problem can't be that I've gotten the passphrase wrong
because I pasted it from the same string in notepad++ each
time. And I had the "hide typing" option off to make sure
that I'd gotten it right.
SHUT UP AND FUCK OFF EELBASH!
Post by wanna_use_pgp_again
Is there a passphrase size limit?
FUCK OFF AND SHUT UP EELBASH!
Post by wanna_use_pgp_again
If so how many characters is it?
SHUT UP AND FUCK OFF EELBASH!
David W. Hodgins
2010-06-26 22:18:42 UTC
Permalink
Post by wanna_use_pgp_again
Is there a limit to how long a passphrase for gpg can be?
I've just made a new set of keys and I've used a rather long string
for the passphrase. It's 289 characters long. And when I go to test
the new keys out I get a "bad passphrase" notice and signing, etc.
fails.
I don't know what the problem is, but it shouldn't be a length problem,
as the passphrase is only used as input to a hash algorithm.
http://lists.gnupg.org/pipermail/gnupg-users/2008-October/034819.html

Regards, Dave Hodgins
--
Change nomail.afraid.org to ody.ca to reply by email.
(nomail.afraid.org has been set up specifically for
use in usenet. Feel free to use it yourself.)
wanna_use_pgp_again
2010-06-29 00:26:27 UTC
Permalink
On Sat, 26 Jun 2010 18:18:42 -0400, "David W. Hodgins"
Post by David W. Hodgins
Post by wanna_use_pgp_again
Is there a limit to how long a passphrase for gpg can be?
I've just made a new set of keys and I've used a rather long string
for the passphrase. It's 289 characters long. And when I go to test
the new keys out I get a "bad passphrase" notice and signing, etc.
fails.
I don't know what the problem is, but it shouldn't be a length problem,
as the passphrase is only used as input to a hash algorithm.
http://lists.gnupg.org/pipermail/gnupg-users/2008-October/034819.html
Thanks for this. It tells me that the problem I'm having isn't because
the passphrase is too long. Now I need to see if I've done something
stupid that's causing the problem.
David W. Hodgins
2010-06-29 03:00:24 UTC
Permalink
Post by wanna_use_pgp_again
Thanks for this. It tells me that the problem I'm having isn't because
the passphrase is too long. Now I need to see if I've done something
stupid that's causing the problem.
What os are you using? It may be an os imposed limit.
Try setting it up to read it from a file, for testing.

Regards, Dave Hodgins
--
Change nomail.afraid.org to ody.ca to reply by email.
(nomail.afraid.org has been set up specifically for
use in usenet. Feel free to use it yourself.)
wanna_use_pgp_again
2010-06-29 08:28:24 UTC
Permalink
On Mon, 28 Jun 2010 23:00:24 -0400, "David W. Hodgins"
Post by David W. Hodgins
Post by wanna_use_pgp_again
Thanks for this. It tells me that the problem I'm having isn't because
the passphrase is too long. Now I need to see if I've done something
stupid that's causing the problem.
What os are you using? It may be an os imposed limit.
Try setting it up to read it from a file, for testing.
I'm using Windows Vista.

GPG can read the passphrase from a file? How do I get it to do that?
George Orwell
2010-06-26 22:24:25 UTC
Permalink
Post by wanna_use_pgp_again
Is there a limit to how long a passphrase for gpg can be?
FUCK OFF EELBASH!
Post by wanna_use_pgp_again
I've just made a new set of keys and I've used a rather
long string for the passphrase. It's 289 characters long.
And when I go to test the new keys out I get a "bad
passphrase" notice and signing, etc. fails.
SHUT UP EELBASH!
Post by wanna_use_pgp_again
The problem can't be that I've gotten the passphrase wrong
because I pasted it from the same string in notepad++ each
time. And I had the "hide typing" option off to make sure
that I'd gotten it right.
SHUT UP AND FUCK OFF EELBASH!
Post by wanna_use_pgp_again
Is there a passphrase size limit?
FUCK OFF AND SHUT UP EELBASH!
Post by wanna_use_pgp_again
If so how many characters is it?
SHUT UP AND FUCK OFF EELBASH!


Il mittente di questo messaggio|The sender address of this
non corrisponde ad un utente |message is not related to a real
reale ma all'indirizzo fittizio|person but to a fake address of an
di un sistema anonimizzatore |anonymous system
Per maggiori informazioni |For more info
https://www.mixmaster.it
Anonymous
2010-06-26 22:53:03 UTC
Permalink
Post by wanna_use_pgp_again
Is there a limit to how long a passphrase for gpg can be?
FUCK OFF EELBASH!
Post by wanna_use_pgp_again
I've just made a new set of keys and I've used a rather
long string for the passphrase. It's 289 characters long.
And when I go to test the new keys out I get a "bad
passphrase" notice and signing, etc. fails.
SHUT UP EELBASH!
Post by wanna_use_pgp_again
The problem can't be that I've gotten the passphrase wrong
because I pasted it from the same string in notepad++ each
time. And I had the "hide typing" option off to make sure
that I'd gotten it right.
SHUT UP AND FUCK OFF EELBASH!
Post by wanna_use_pgp_again
Is there a passphrase size limit?
FUCK OFF AND SHUT UP EELBASH!
Post by wanna_use_pgp_again
If so how many characters is it?
SHUT UP AND FUCK OFF EELBASH!
wanna_use_pgp_again
2010-07-02 03:12:14 UTC
Permalink
On Sat, 26 Jun 2010 16:23:54 -0400, wanna_use_pgp_again
Post by wanna_use_pgp_again
Is there a limit to how long a passphrase for gpg can be?
I've just made a new set of keys and I've used a rather long string
for the passphrase. It's 289 characters long. And when I go to test
the new keys out I get a "bad passphrase" notice and signing, etc.
fails.
The problem can't be that I've gotten the passphrase wrong because I
pasted it from the same string in notepad++ each time. And I had the
"hide typing" option off to make sure that I'd gotten it right.
Is there a passphrase size limit? If so how many characters is it?
For anyone else who may run into this problem, I have sort of solved
it.

I finally went into WinPT, brought up the Key Manager and clicked on
"Change Password." It required that I put my password in, the same
password that's been giving me the "bad passphrase" problem. So I did
it, and it offered me the chance to change it! I changed it and tried
to sign something and it worked! I had changed my passphrase to
something that didn't choke gpg.

I don't know why it worked, but there it is for anyone else who may
have a similar passphrase problem.
;eoruc.com
2010-07-02 07:27:46 UTC
Permalink
On Thu, 01 Jul 2010 23:12:14 -0400, wanna_use_pgp_again
Post by wanna_use_pgp_again
On Sat, 26 Jun 2010 16:23:54 -0400, wanna_use_pgp_again
Post by wanna_use_pgp_again
Is there a limit to how long a passphrase for gpg can be?
I've just made a new set of keys and I've used a rather long string
for the passphrase. It's 289 characters long. And when I go to test
the new keys out I get a "bad passphrase" notice and signing, etc.
fails.
The problem can't be that I've gotten the passphrase wrong because I
pasted it from the same string in notepad++ each time. And I had the
"hide typing" option off to make sure that I'd gotten it right.
Is there a passphrase size limit? If so how many characters is it?
For anyone else who may run into this problem, I have sort of solved
it.
I finally went into WinPT, brought up the Key Manager and clicked on
"Change Password." It required that I put my password in, the same
password that's been giving me the "bad passphrase" problem. So I did
it, and it offered me the chance to change it! I changed it and tried
to sign something and it worked! I had changed my passphrase to
something that didn't choke gpg.
I don't know why it worked, but there it is for anyone else who may
have a similar passphrase problem.
I use PGP 6.5.8 freebie. It allows me to use a passphrase of words
that is well over a hundred characters. Yeah, I've been told before
what ridiculous overkill that is, but I get amused at the thought of
anybody trying to break it. :o)
wanna_use_pgp_again
2010-07-03 04:59:47 UTC
Permalink
Post by ;eoruc.com
....
I use PGP 6.5.8 freebie. It allows me to use a passphrase of words
that is well over a hundred characters. Yeah, I've been told before
what ridiculous overkill that is, but I get amused at the thought of
anybody trying to break it. :o)
There are some amusements available with this encryption stuff.

If people gain access to your computer, though, they might find where
you've stored that passphrase. I'm assuming you don't type it all in
from your own wetware memory every time.

I'm largely satisfied with being able to sign things digitally and
have it mean something.
;eoruc.com
2010-07-03 13:55:31 UTC
Permalink
On Sat, 03 Jul 2010 00:59:47 -0400, wanna_use_pgp_again
Post by wanna_use_pgp_again
Post by ;eoruc.com
....
I use PGP 6.5.8 freebie. It allows me to use a passphrase of words
that is well over a hundred characters. Yeah, I've been told before
what ridiculous overkill that is, but I get amused at the thought of
anybody trying to break it. :o)
There are some amusements available with this encryption stuff.
If people gain access to your computer, though, they might find where
you've stored that passphrase. I'm assuming you don't type it all in
from your own wetware memory every time.
I'm largely satisfied with being able to sign things digitally and
have it mean something.
That passphrase exists no where but in my own head. Nowhere else.
But before they can work on that one, which guards my BestCrypt
volumes, they have to crack a passphrase containing about half that
size in order to get into my TrueCrypt encrypted drive - and that one
also exists only in my head and nowhere else.

Yeah, if I forget 'em, I'm screwed. So far, I haven't forgotten them
in the past 5 years. Also, I ain't worried about the FBI, or such
outfits as NSA. I'm not worth their time. Just want to keep those in
my own small world out of my personal business. My porn collection of
Winnie-the-pooh and The Mad Hatter do Alice In Wonderland is strictly
for me.
wanna_use_pgp_again
2010-07-03 19:37:05 UTC
Permalink
Post by ;eoruc.com
On Sat, 03 Jul 2010 00:59:47 -0400, wanna_use_pgp_again
Post by wanna_use_pgp_again
Post by ;eoruc.com
....
I use PGP 6.5.8 freebie. It allows me to use a passphrase of words
that is well over a hundred characters. Yeah, I've been told before
what ridiculous overkill that is, but I get amused at the thought of
anybody trying to break it. :o)
There are some amusements available with this encryption stuff.
If people gain access to your computer, though, they might find where
you've stored that passphrase. I'm assuming you don't type it all in
from your own wetware memory every time.
I'm largely satisfied with being able to sign things digitally and
have it mean something.
That passphrase exists no where but in my own head. Nowhere else.
But before they can work on that one, which guards my BestCrypt
volumes, they have to crack a passphrase containing about half that
size in order to get into my TrueCrypt encrypted drive - and that one
also exists only in my head and nowhere else.
Yeah, if I forget 'em, I'm screwed.
In my early days of experimenting with this sort of stuff I did it
similarly. Since then some things have changed enough that I find it
better to store passphrases in various ways. There are things I need
to access only every several years, and I can't count on remembering a
strong passphrase for that long.
Post by ;eoruc.com
So far, I haven't forgotten them in the past 5 years.
Yeah, 5 years isn't so long. I think I relied on memorization for
longer than that.
Post by ;eoruc.com
Also, I ain't worried about the FBI, or such
outfits as NSA. I'm not worth their time. Just want to keep those in
my own small world out of my personal business.
For most of us that's about it. The government agencies will get the
information in other ways if they actually want it.
Post by ;eoruc.com
My porn collection of
Winnie-the-pooh and The Mad Hatter do Alice In Wonderland is strictly
for me.
I'm especially fond of the Dormouse/Cheshire Cat/Red Queen threesome
videos.
;eoruc.com
2010-07-04 03:16:16 UTC
Permalink
On Sat, 03 Jul 2010 15:37:05 -0400, wanna_use_pgp_again
Post by wanna_use_pgp_again
Post by ;eoruc.com
On Sat, 03 Jul 2010 00:59:47 -0400, wanna_use_pgp_again
Post by wanna_use_pgp_again
Post by ;eoruc.com
....
I use PGP 6.5.8 freebie. It allows me to use a passphrase of words
that is well over a hundred characters. Yeah, I've been told before
what ridiculous overkill that is, but I get amused at the thought of
anybody trying to break it. :o)
There are some amusements available with this encryption stuff.
If people gain access to your computer, though, they might find where
you've stored that passphrase. I'm assuming you don't type it all in
from your own wetware memory every time.
I'm largely satisfied with being able to sign things digitally and
have it mean something.
That passphrase exists no where but in my own head. Nowhere else.
But before they can work on that one, which guards my BestCrypt
volumes, they have to crack a passphrase containing about half that
size in order to get into my TrueCrypt encrypted drive - and that one
also exists only in my head and nowhere else.
Yeah, if I forget 'em, I'm screwed.
In my early days of experimenting with this sort of stuff I did it
similarly. Since then some things have changed enough that I find it
better to store passphrases in various ways. There are things I need
to access only every several years, and I can't count on remembering a
strong passphrase for that long.
Post by ;eoruc.com
So far, I haven't forgotten them in the past 5 years.
Yeah, 5 years isn't so long. I think I relied on memorization for
longer than that.
I use mine everyday. Many times a day, matter of fact. If I need
others they are stored on a number of BestCrypt volumes on one of my
outboard drives. What it comes down to is if I forget the main ones
to access my TrueCrypt C: or the BestCrypt volumes, then I'm up the
creek. But since I use them so frequently during each day, the only
way I could forget them is a stroke or some other mentally
incapacitating health problem.
Post by wanna_use_pgp_again
Post by ;eoruc.com
Also, I ain't worried about the FBI, or such
outfits as NSA. I'm not worth their time. Just want to keep those in
my own small world out of my personal business.
For most of us that's about it. The government agencies will get the
information in other ways if they actually want it.
Post by ;eoruc.com
My porn collection of
Winnie-the-pooh and The Mad Hatter do Alice In Wonderland is strictly
for me.
I'm especially fond of the Dormouse/Cheshire Cat/Red Queen threesome
videos.
I'm going to have to Google for that one. :o)

Loading...