It seems that the only way to upload a openpgp key to the UTM is not to have pass phrase associated. This very convenient but not very secure way.Is there a plan to add an option for passphrase ?
The key is stored on the UTM. To access it, someone would need to have (root) access to your UTM. Once someone you don't trust has root access on your box, you have bigger problems than this one key. And a passphrase would not help in any way, so we would have to store that passphrase too. So, if someone has rooted your box, he has the key and the passphrase.
So, a passphrase gains you nothing, which means, no, we are not considering this as a feature.
This is true if you use the key only for your UTM and not other applications. for example let's assume you want to migrate users to the UTM solution and they were using opengpg before (using essentially plugins for their email clients).
