GPG Keys

Owned by Daniel Stonier
Last updated: Jan 30, 2017
1 min read


Create Keys

The command gpg --create-key will go through the process of creating a public and private key. The public key you typically share with keyservers, e.g. keyserver.ubuntu.com for ppa's. The private key you need locally for doing signing to work with a public key on the other end.

  • You can see the created keys with gpg --list-keys and gpg --list-secret-keys resp.
  • You can usually get your public key down from a keyserver easily, e.g. gpg --keyserver keyserver.ubuntu.com --recv 46301634 where the last number is the public key id.
  • The private key you need to keep a copy of yourself and copy from one computer to another

Moving Keys

Export
# Check what is there
$ gpg --list-keys
/home/snorri/.gnupg/pubring.gpg
-------------------------------
pub   2048R/CCACCFBD 2016-12-30
uid                  Daniel Stonier <d.stonier@gmail.com>
sub   2048R/4338D5D7 2016-12-30
$ gpg --list-secret-keys
...
# Export Key CCACCFBD
$ gpg --output snorri-public.gpg --armor --export CCACCFBD
$ gpg --output snorri-private.gpg --armor --export-secret-key CCACCFBD
# Copy to other machine
$ scp snorri-*.gpg user@other:

Import
$ gpg --import snorri-public.gpg
$ gpg --allow-secret-key-import --import snorri-private.gpg

Key Management


# Show Keys
$ gpg --list-keys
/home/snorri/.gnupg/pubring.gpg
-------------------------------
pub   2048R/46301634 2012-12-19
uid                  Daniel Stonier <d.stonier@gmail.com>
sub   2048R/617B4996 2012-12-19

pub   4096R/D39DC0E3 2014-10-28
uid                  Michal Papis (RVM signing) <mpapis@gmail.com>
# Show secret keys
$ gpg --list-secret-keys
# Delete a key (via user name)
$ gpg --delete-key "Michal Papis"