Този сайт ще има ограничена функционалност, докато се извършва тече неговата поддръжка. Ако дадена статия не може реши проблема ви и искате да зададете въпрос, нашата общност е готова да ви помогне на @firefox в Twitter и /r/firefox в Reddit.

Търсене в помощните статии

Избягвайте измамите при поддръжката. Никога няма да ви помолим да се обадите или изпратите SMS на телефонен номер или да споделите лична информация. Моля, докладвайте подозрителна активност на "Докладване за злоупотреба".

Научете повече

TB 102.2.2 generates pgp key pairs without passphrase

  • 3 отговора
  • 0 имат този проблем
  • 6 изгледи
  • Последен отговор от christ1

more options

When I generate a new pgp key pair in Thunderbird, that seems to work, but it never asks for a passphrase and just pretends I now had a working private and public key. I tried it with different email addresses - always the same.

Since I have just upgraded to Ubuntu 22.04 and everything freshly installed, I also imported all the public keys I had to Thunderbird, wich worked well. As I tried to send an encrypted test email with my new strange key pair, thunderbird didn't allow me to use encryption on the email - which I found a bit relieving, since I was having a private key that you don't even need a passphrase for... I have immediately revoked and deleted the new key pairs.

Is that a bug in Thunderbird or am I missing something? I have been using pgp for years, so now I am a bit confused...

When I generate a new pgp key pair in Thunderbird, that seems to work, but it never asks for a passphrase and just pretends I now had a working private and public key. I tried it with different email addresses - always the same. Since I have just upgraded to Ubuntu 22.04 and everything freshly installed, I also imported all the public keys I had to Thunderbird, wich worked well. As I tried to send an encrypted test email with my new strange key pair, thunderbird didn't allow me to use encryption on the email - which I found a bit relieving, since I was having a private key that you don't even need a passphrase for... I have immediately revoked and deleted the new key pairs. Is that a bug in Thunderbird or am I missing something? I have been using pgp for years, so now I am a bit confused...

Всички отговори (3)

more options
When I generate a new pgp key pair in Thunderbird, that seems to work, but it never asks for a passphrase and just pretends I now had a working private and public key.

That is the way it works. The private key is protected by the primary password, assuming you set one in the first place. If you didn't, it is highly recommended to do so. https://support.mozilla.org/en-US/kb/openpgp-thunderbird-howto-and-faq#w_how-is-my-personal-key-protected

As I tried to send an encrypted test email with my new strange key pair, thunderbird didn't allow me to use encryption on the email

I don't understand what that means. You'd need to be more specific about that, what you did, and what happened. Also see https://support.mozilla.org/en-US/kb/openpgp-thunderbird-howto-and-faq#w_what-is-needed-to-send-an-encrypted-message

I have immediately revoked and deleted the new key pairs.

I'm not sure what you were trying to achieve with this.

Променено на от christ1

more options

Thanks for your reply!

<q>The private key is protected by the primary password, assuming you set one in the first place.</q>

That seems to be new though. In the last version of TB that I used, the primary password was "just" supposed to protect my mail-accounts' passwords, as the according Mozilla Support page is also still saying: https://support.mozilla.org/en-US/kb/protect-your-thunderbird-passwords-primary-password

Additionally, in that previous version, whenever I generated a new key pair, I had to set a passphrase for each specific key pair. And whenever I received an encrypted email, I had to enter that passphrase (not the 'primary password') to decrypt the email. So, as I understand, that specific pgp passphrase does not exist anymore in the current TB version?

The second thing I mentioned seems to be another topic (first I thought it was connected to this one), so I will leave it out of here for now.

more options
That seems to be new though.

Not really. Thunderbird OpenPGP has been introduced in v78. That was more than a year ago.

Additionally, in that previous version, whenever I generated a new key pair, I had to set a passphrase for each specific key pair.

If that 'previous version' was v68, then you're right. There was the Enigmail add-on providing a GUI for key management, and keys were stored in the gnupg keyring. Starting with TB78, things have changed. https://wiki.mozilla.org/Thunderbird:OpenPGP:Migration-From-Enigmail#GnuPG_vs._RNP_and_key_storage

as I understand, that specific pgp passphrase does not exist anymore in the current TB version?

Things are working different now. Please check the link to the FAQ (already posted above). https://support.mozilla.org/en-US/kb/openpgp-thunderbird-howto-and-faq#w_how-is-my-personal-key-protected

There is a ton of information and documentation available for Thunderbird OpenPGP. The FAQ should be a good start.

Променено на от christ1