I asking for some guidance how to recover/reset the passphrase in Kleo in order to decrypt files by using a public gpg key.
I saw there is an option to change the pas passphrase but unfortunately requires to use also the old passphrase which I am afraid I forgot it. This is a new paired key so I haven’t gotten a chance to create a backup as well. I read the guide manual available and troubleshooting links available in the software website but I couldn’t find any scenario to cover this issues.
Any recommendations will be appreciated
I am sorry to say this but there is no way to recover the password.
Of course in such a case where the owner wants to recover the password this functionality would be helpful. On the other hand the encryption would be less secure because if someone else would have access to your keys this person had no additional obstacle before she/he could misuse your secret key.
I understand the issue.
Would you suggest to create a new key within Kleopatra software and revoke the old one.
Does Kleopatra allow me to create a new passphrase when I create a new key?
What other suggestion or steps I can follow in order to get a new key and a new passphrase active.
Any help will be appreciated.
you can only revoke a key if you know the passphrase. But this is only helpful if you uploaded the key on a server. Because than you can upload the revoked key to show everyone that they shouldn’t use the old key anymore.
In Kleopatra you can create as many keys as you want and each with a different passphrase. Just create a key pair as you did with the first one and Kleopatra will ask you if you want to protect the new key with a passphrase.
In this tutorial (https://wiki.gnupg.org/Gpg4win/Tutorials/KeyPairCreation) you can find an overview of the steps that you can take while creating a new key.
some additional hints:
Some versions of GnuPG already create a revocation certificate automaticially if you create a keypar. You maybe able to use this one if you have lost your passphrase.
Revocation may not be necessary if your pubkey was not published widely (so check the public keyservers, if it is on there, revocation is good.)
Yes, it is fine to create a new keypair, e.g. if you lost access to your old one.