-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

HOW TO CREATE A GPG KEY WITH MORE THAN ONE PASS-PHRASE

this document [is intended to] explain how to create a gpg private key with
more than one pass-phrase.

this allows one pass-phrase for signing, another pass-phrase for a
decryption, etc. the example used here is a fairly basic key, with only a
[primary] signing key and an encryption subkey. what's outlined here can be
used to create any number of different pass-phrases on any number of
subkeys.

============================================================================

doing this requires:
	1) basic knowledge of a command line and how to use it
	2) advanced knowledge of gpg and how to use it
	3) common sense (BACKUP YOUR DATA!!)

please note:
	* this works for me. that does not necessarily mean that it will
		work for you
	* if you screw something up, it's *YOUR* problem, not mine
	* this was tested with GnuPG 1.2.4, and written on or about
		06 May 2004
	* updates, if there are any, will probably be noted above
	* comments and suggestions about this tutorial should be sent to:
		<atom {at} smasher.org>
	* questions about gpg should be sent to the gnupg-users mailing
		list: http://lists.gnupg.org/mailman/listinfo/gnupg-users

============================================================================

I'll be using a test key to demonstrate with:
	$ gpg --list-keys test
	pub 1024D/74D47B17 2004-05-06 Testing (Just a test) <testing@abc.xyz>
	sub 1024g/FD733F0F 2004-05-06

let's say we want to use the pass-phrase "sign" for the DSA key and the
pass-phrase "crypt" for the ElGamal subkey.

first, let's save the key to a file, in case something gets screwed up:
	$ gpg --export 74D47B17 > 74D47B17.pub
	$ gpg --export-secret-key 74D47B17 > 74D47B17.sec

next we'll use "--edit-key" to set the pass-phrase to "sign", if it isn't
already set.

now the fun stuff. the `gpgsplit` command is a fabulous tool that's
fabulously undocumented. as of this writing i can't find any worthwhile
documentation on it. when used as i'm using it here, it ~seems~ to create
files using a naming convention based on the order of the packets (starting
at 1), a dash, the packet type (as described in RFC2440:4.3), a dot, and a
human-readable description of the packet contents.

use gpgsplit to break the secret key into little pieces. the pieces with
the "*secret*" file names are encrypted with the pass-phrase that you just
set. "pass1" becomes the prefix of the file names:
	$ gpg --export-secret-key 74D47B17 | gpgsplit -vp pass1
	gpgsplit: writing `pass1000001-005.secret_key'
	gpgsplit: writing `pass1000002-013.user_id'
	gpgsplit: writing `pass1000003-002.sig'
	gpgsplit: writing `pass1000004-007.secret_subkey'
	gpgsplit: writing `pass1000005-002.sig'

that writes a bunch of files, each of which has a piece of the original
private key.

now, we'll use "--edit-key" (again?) and set the pass-phrase to "crypt".

again, use gpgsplit to break up the key (now using "pass2" as a filename
prefix). this time, the "*secret*" file names are encrypted with the new
pass-phrase.
	$ gpg --export-secret-key 74D47B17 | gpgsplit -vp pass2
	gpgsplit: writing `pass2000001-005.secret_key'
	gpgsplit: writing `pass2000002-013.user_id'
	gpgsplit: writing `pass2000003-002.sig'
	gpgsplit: writing `pass2000004-007.secret_subkey'
	gpgsplit: writing `pass2000005-002.sig'

the file "pass2000004-007.secret_subkey" would seem to contain the ElGamal
encryption key. i can check it using pgpdump:
	$ pgpdump pass2000004-007.secret_subkey
	<<snip>>
		Pub alg - ElGamal Encrypt-Only(pub 16)
		ElGamal p(1024 bits) - ...
		ElGamal g(3 bits) - ...
		ElGamal y(1024 bits) - ...
	<<snip>>

pgpdump confirms that is the file that contains the ElGamal key.

cat all of the files that we want into a file that will become the new key:
	$ cat 	pass1000001-005.secret_key 	\
		pass1000002-013.user_id 	\
		pass1000003-002.sig 		\
		pass2000004-007.secret_subkey 	\
		pass1000005-002.sig > new-key.pgp

note that the file containing the ElGamal key is prefixed with "pass2", and
all of the other files are prefixed with "pass1". remember, the files
prefixed with "pass1" came from the key with then first pass-phrase. files
prefixed "pass2" came from the key with the second pass-phrase. all of that
data gets written to the file "new-key.pgp".

now, delete the secret key from the keyring:
	$ gpg --delete-secret-key 74D47B17

and import the new key into the keyring:
	$ gpg --import new-key.pgp

test to make sure that "sign" is the pass-phrase for the signing key:
	$ date | gpg -u 74D47B17 --clearsign

test to make sure that "crypt" is the pass-phrase for decryption:
	$ date | gpg -ear 74D47B17 | gpg --decrypt

done!

note: if you use "--edit-key" to reset the pass-phrase after doing this,
gpg will want the pass-phrase for the signing key, then the pass-phrase for
the subkey. after updating the pass-phrase using "--edit-key", it will
cause both pass-phrases to be the same.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (FreeBSD)

iD8DBQFAoyc9nCgLvz19QeMRAkUqAKCOOrJO9heSUoqnLeZY8qvxXCBrgQCfd6hI
3zRJXVeADM+fAZ6elffEB2k=
=7A2T
-----END PGP SIGNATURE-----