-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

On Wed, Jun 22, 2005 at 07:39:54PM +0200, Sergio Gelato wrote:

...

operation, there is little (if any) actual security benefit from using a non-null passphrase and storing it in a separate file; however, some software (e.g., Java) does work that way, and I don't see any harm in

...

Having encrypted private_key.pem and a plain text file private_key.pem.passphrase which contains the encryption password really does not make any sense. Ofcourse both files should be chown root and chmod 400.