On Jul 8, 2011, at 10:10 AM, Chris Poole wrote: > When changing my secret key's passphrase, I bumped up the s2k-count to > 6553600 (I just added two zeros; I don't notice any slow down when > decrypting on a Core2Duo). > > How can I confirm that this count is being used? > > I ran gpg --list-packets ~/.gnupg/secring.gpg, which told me a number > for "protect count" (in the secret key packet section). Does this map > to the number I gave on the command line when changing my passphrase?
Yes. Note that the list-packets output shows the internal packed value: 6553600 should come out to 201. The default of 65536 would encode to 96. You might file an enhancement bug to print the decoded value in --list-packets. We already print it for symmetric encryption, and it's reasonable to print it for secret keys as well. David _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users