為了改善您的使用體驗,本網站正在進行維護,部分功能暫時無法使用。若本站的文件無法解決您的問題,想要向社群發問的話,請到 Twitter 上的 @FirefoxSupport 或 Reddit 上的 /r/firefox 發問,我們的社群成員將很快會回覆您的疑問。

搜尋 Mozilla 技術支援網站

防止技術支援詐騙。我們絕對不會要求您撥打電話或發送簡訊,或是提供個人資訊。請用「回報濫用」功能回報可疑的行為。

了解更多

PGP - On-demand unlocking your secret keys

  • 6 回覆
  • 1 有這個問題
  • 2 次檢視
  • 最近回覆由 user3844798

more options

Hello everyone,

I wonder how the secret key will be generated within the new native pgp integration. Cause I never had to set a passphrase, when I was once set up my mail encryption in the new thunderbird. When I tried to find information, how excactly Thunderbird would generate the secret keys, I could only find: "Thunderbird doesn't use on-demand unlocking (key passwords) of your secret keys," but nothing more in detail.

Can anyone please lighten me up? Why do I haven't use a passphrase anymore? And how my secret key will be protected then?

Thanks in advance, B.

Hello everyone, I wonder how the secret key will be generated within the new native pgp integration. Cause I never had to set a passphrase, when I was once set up my mail encryption in the new thunderbird. When I tried to find information, how excactly Thunderbird would generate the secret keys, I could only find: "Thunderbird doesn't use on-demand unlocking (key passwords) of your secret keys," but nothing more in detail. Can anyone please lighten me up? Why do I haven't use a passphrase anymore? And how my secret key will be protected then? Thanks in advance, B.

被選擇的解決方法

In order to transfer your data to another computer, simply copy over the entire Thunderbird profile - job done. http://kb.mozillazine.org/Move_to_a_new_PC

Alternatively you can export your private key. You'll be prompted for a new passphrase when exporting the key.

從原來的回覆中察看解決方案 👍 1

所有回覆 (6)

more options

Thunderbird uses a randomly generated passphrase which itself is protected by the master password (now called primary password). So for your private keys to be protected in the first place you'll have to set a master password. To verify the private keys are indeed protected, check the error console (Ctrl-Shift-J) and look for something like

Found 52 public keys and 4 secret keys (4 protected, 0 unprotected)
more options

Hey Christ1, thanks for the quick response!

This means my certificate is linked only to the thunderbird programm which I use on a single machine. Is there a way to use the old Enigmail Setup, in which I could define a personal passphrase, instead to install the older tb version?

And what if I want to use my certificate on another machine? As far as I understood, do I have to verify EVERY Mailadress to this new machine. If my infrastructure contains more than a few mailadresses, this makes no sense for me to do it this way at all, maybe somebody can explain the benefits of this routine. I want my old Enigmail back! :D

Seriously, I understand that it is more easy to use for users not to deal with a lots of passphrases, but I find it a little restrictive?

Thanks, B.

more options
Is there a way to use the old Enigmail Setup, in which I could define a personal passphrase, instead to install the older tb version?

Yes, there is. See https://wiki.mozilla.org/Thunderbird:OpenPGP:Smartcards

And what if I want to use my certificate on another machine? As far as I understood, do I have to verify EVERY Mailadress to this new machine.

I don't think I understand what you're trying to achieve. In any case, the easiest way to transfer your Thunderbird data to a new machine is to copy the entire profile.

more options
And what if I want to use my certificate on another machine? As far as I understood, do I have to verify EVERY Mailadress to this new machine.

I don't think I understand what you're trying to achieve. [...]

As far as I understand, when the keys would be randomly generated by i.g. included data linked to the machine I use and if I never know nor linked a passphrase to my personal key by myself, I could never use it on another machine, right? Now I got 20 Recipients with which I would like to commicate via e2ee. And have to verificate every adress to the Thunderbird PGP. If I'd like to use a different thunderbird on my 2nd laptop, I have to verify every key from my recipients again, right? Took a lot of time, if I'm assuming right.

Thanks, B.

more options

選擇的解決方法

In order to transfer your data to another computer, simply copy over the entire Thunderbird profile - job done. http://kb.mozillazine.org/Move_to_a_new_PC

Alternatively you can export your private key. You'll be prompted for a new passphrase when exporting the key.

more options

cool, thank you! And sorry for the late answer! B.