-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wed, Jun 22, 2005 at 07:39:54PM +0200, Sergio Gelato wrote:

...

operation, there is little (if any) actual security benefit from using a non-null passphrase and storing it in a separate file; however, some software (e.g., Java) does work that way, and I don't see any harm in ...

Having encrypted private_key.pem and a plain text file private_key.pem.passphrase which contains the encryption password really does not make any sense. Ofcourse both files should be chown root and chmod 400. -----BEGIN PGP SIGNATURE----- iD8DBQFCumGtFw6SP/bBpCARAp52AJ9cOGOgwTqnuDN82ubkU5Vk3uieWgCdHQSS tBmrJ3voYiHwD9hJOwtwocM= =+cCS -----END PGP SIGNATURE-----