At some point I found myself wanting to move/copy my GPG keys. Since I didn’t find the exact answer I was looking for, this is a quick writeup detailing the steps required.
Listing your GPG keys
First we need to know the details of the GPG keys we’re going to move, specifically the Key ID.
# To list the keys in your public key ring: gpg --list-keys # To list the keys in your secret key ring: gpg --list-secret-keys
Exporting the GPG keys
keyid with the Key ID found in the previous step.
# Export the secret key gpg --export-secret-keys -a [keyid] > private_key.asc # Export the public key gpg --export -a [keyid] > public_key.asc
Now you should have 2 keys available, which you can securely copy them to the second machine you want to use them on.
Importing the GPG keys
To import the GPG keys on your second machine:
# Import the private key gpg --import private_key.asc # Import the public key gpg --import public_key.asc
This imports the keys, but they cannot be used yet.
To activate the key, run:
gpg --edit-key firstname.lastname@example.org
email@example.com is the email address associated with your GPG key.
This opens the GPG command prompt:
gpg (GnuPG) 2.2.15; Copyright (C) 2019 Free Software Foundation, Inc. This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Secret key is available. [your keys here] gpg>
Activating the GPG keys
From the GPG command line, type:
trust and press
You should see something like below:
gpg> trust Please decide how far you trust this user to correctly verify other users' keys (by looking at passports, checking fingerprints from different sources, etc.) 1 = I don't know or won't say 2 = I do NOT trust 3 = I trust marginally 4 = I trust fully 5 = I trust ultimately m = back to the main menu Your decision?
Only if this is your main GPG key, you should choose ultimate trust by choosing
5 and pressing
You should now be able to use your GPG key on your other machine!