I have forgotten my passphrase for my secret GPG key, and I want to export it, so that I can brute force it with a few likely ones.
However, running gpg --export-secret-keys will always make the gpg-agent ask for my passphrase, no matter the options I give to gpg. --batch, --yes, and --passphrase-fd have no effect.
I am running GPG 2.1.15.
I tried exporting a secret key on a machine running GPG 2.0.22 with no troubles. Is it still possible to do this?
If not, my key is lost.
You can transfer the key "by hand" as follows, without attempting to decrypt it:
# create temporary destination dir
mkdir -m 700 /tmp/alt-gnupg
# transfer public keys using export/import, assuming name "user-000"
gpg2 --export user-000 | gpg2 --homedir /tmp/alt-gnupg --import
# transfer private keys using file copy
for g in $(gpg2 --list-keys --with-keygrip --with-colons 'user-000' |
awk -F: '$1=="grp" {print $10}'); do
cp ~/.gnupg/private-keys-v1.d/$g.key /tmp/alt-gnupg/private-keys-v1.d
done
# check you got them
gpg2 --homedir /tmp/alt-gnupg --list-secret-keys
This works because the private keys are stored in files of the form <keygrip>.key, and we can find the keygrips without unlocking.
To brute-force the keys:
# use alternate gnupg dir
export GNUPGHOME=/tmp/alt-gnupg
# create dummy encrypted file
echo hello |
gpg2 --encrypt --recipient user-000 --armor >/tmp/msg.asc
# tell gpg-agent to accept loopback pinentry
echo allow-loopback-pinentry >${GNUPGHOME}/gpg-agent.conf
# restart gpg-agent
gpg-connect-agent /bye
# and now...
for p in pass1 pass2; do
gpg2 --batch --pinentry-mode=loopback --passphrase "$p" --quiet --decrypt /tmp/msg.asc >/dev/null 2>&1 && echo "yes!! pass: $p"
done
