Software & AppsOperating SystemLinux

How To Import a Private Key into GPG and Make it Default

Ubuntu 17

In this tutorial, we will walk through the process of importing a private key into GnuPG (GNU Privacy Guard) and setting it as the default key. GnuPG is a free software that allows you to encrypt and sign your data and communication. It features a versatile key management system, along with access modules for all kinds of public key directories.

Quick Answer

To import a private key into GPG and make it the default key, you need to export the key from the source machine using the --export-secret-keys option, transfer the key file to the destination machine, import the key using the --import option, and then modify the gpg.conf file to set the imported key as the default key.

Exporting the Private Key

The first step is to export the private key from the source machine. This can be done using the --export-secret-keys option. The --armor option is used to create an ASCII version of the key.

gpg --export-secret-keys --armor > secret.gpg.key

In this command, --export-secret-keys is the option that tells GnuPG to export the private key. The --armor option tells GnuPG to create an ASCII version of the output. The > operator is used to redirect the output to a file named secret.gpg.key.

Transferring the Key

After exporting the key, you need to transfer the secret.gpg.key file to the destination machine. This can be done using secure methods like SCP (Secure Copy Protocol) or SFTP (SSH File Transfer Protocol).

Importing the Private Key

Once the key file is on the destination machine, you can import it using the --import option. The --allow-secret-key-import option is deprecated and not needed anymore.

gpg --import secret.gpg.key

In this command, --import is the option that tells GnuPG to import keys from a file. secret.gpg.key is the name of the file that contains the keys to be imported.

Verifying the Import

To verify that the private key has been imported successfully, you can list the secret keys using the --list-secret-keys option.

gpg --list-secret-keys

If the private key is not listed, make sure that the key file is correct and that you have the necessary permissions to access it.

Setting the Default Key

To set the imported private key as the default key, you need to modify the gpg.conf file. This file is located in the .gnupg directory in your home directory.

Open the gpg.conf file in a text editor:

nano ~/.gnupg/gpg.conf

Add a line with the default-key configuration parameter, followed by the key ID or long key ID of the desired default key. For example:

default-key 12345678

or

default-key ABCDEFAB12345678

Save the file and exit the text editor. Now, when you sign or encrypt using GnuPG, it will automatically use the specified default key.

Conclusion

In this article, we have covered how to export a private key from a source machine, transfer it to a destination machine, import it into GnuPG, and set it as the default key. These steps can be useful in various scenarios, such as when you need to move your GnuPG setup to a new machine or when you want to use a specific key for all your GnuPG operations. Remember to always keep your private keys secure to prevent unauthorized access to your data.

Can I import a private key into GPG from any machine?

Yes, you can import a private key into GPG from any machine as long as you have the necessary permissions to access the key file.

What is the purpose of exporting the private key as an ASCII version?

Exporting the private key as an ASCII version allows for easy transfer and sharing of the key file, as it can be opened and read by any text editor.

How can I transfer the key file to the destination machine securely?

You can transfer the key file to the destination machine securely using methods like SCP (Secure Copy Protocol) or SFTP (SSH File Transfer Protocol).

What should I do if the imported private key is not listed?

If the imported private key is not listed when using the --list-secret-keys option, make sure that the key file is correct and that you have the necessary permissions to access it.

Can I set any imported private key as the default key?

Yes, you can set any imported private key as the default key by modifying the gpg.conf file and specifying the key ID or long key ID of the desired default key.

Leave a Comment

Your email address will not be published. Required fields are marked *