LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - General
User Name
Password
Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.

Notices


Reply
  Search this Thread
Old 01-11-2016, 11:17 PM   #1
tarken
Member
 
Registered: Jan 2010
Location: Portland
Distribution: Kubuntu
Posts: 82

Rep: Reputation: 16
How to share GPG key across systems


GPG users,

How do you share your GPG key securely on each system. Are you simply storing them on each machine, are you use cloud storage (seems like a horrible idea), SD cards?

tark
 
Old 01-12-2016, 04:08 PM   #2
Habitual
LQ Veteran
 
Registered: Jan 2011
Location: Abingdon, VA
Distribution: Catalina
Posts: 9,374
Blog Entries: 37

Rep: Reputation: Disabled
My public key is on the interwebs.
My private key stays, well private.

USB sounds reasonable for such.
Define "share".
 
Old 01-12-2016, 05:54 PM   #3
tarken
Member
 
Registered: Jan 2010
Location: Portland
Distribution: Kubuntu
Posts: 82

Original Poster
Rep: Reputation: 16
Sharing across multiple systems like a laptop and a desktop. A work machine and home machine. I guess I could use a USB key, I would just hate to lose it somewhere one day...
 
Old 01-13-2016, 01:39 PM   #4
sundialsvcs
LQ Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 9,078
Blog Entries: 4

Rep: Reputation: 3181Reputation: 3181Reputation: 3181Reputation: 3181Reputation: 3181Reputation: 3181Reputation: 3181Reputation: 3181Reputation: 3181Reputation: 3181Reputation: 3181
The easy and customary way is to upload the public key to a well known key-server, such as pgp.mit.edu, then circulate its "key signature," which is an eight-digit hexadecimal number like 12AB-34CD. This is one way to allow the public key to be retrieved from the server.

On larger systems, there are other ways to do it. For instance, public keys can be stored in an LDAP ("OpenDirectory") server.

Since they, are ... well ... public, their contents do not have to be concealed. You just need a convenient way to manage them.
 
1 members found this post helpful.
Old 01-13-2016, 10:25 PM   #5
tarken
Member
 
Registered: Jan 2010
Location: Portland
Distribution: Kubuntu
Posts: 82

Original Poster
Rep: Reputation: 16
I did not explicitly say, but I have been meaning my private key.
 
Old 01-14-2016, 12:31 AM   #6
sgosnell
Senior Member
 
Registered: Jan 2008
Location: Baja Oklahoma
Distribution: Debian Stable and Unstable
Posts: 1,384

Rep: Reputation: 390Reputation: 390Reputation: 390Reputation: 390
It's stored on each device you've imported it to. No need for it again, unless you want to import it to a new system. You can export it to a flash drive and then delete it after the import. You can keep a copy of it somewhere if you want, but it's risky. You can encrypt it somehow, via an encrypted drive or file like veracrypt/truecrypt, or encrypt it with gpg. It's safer left in your gpg app, though.

Last edited by sgosnell; 01-14-2016 at 12:50 AM.
 
Old 01-14-2016, 07:25 AM   #7
maples
Member
 
Registered: Oct 2013
Location: IN, USA
Distribution: Arch, Debian Jessie
Posts: 814

Rep: Reputation: 265Reputation: 265Reputation: 265
Quote:
Originally Posted by tarken View Post
I did not explicitly say, but I have been meaning my private key.
To export your private key, you first need to know the key ID, which can be found with
Code:
gpg --list-secret-keys
(The ID will be something like 0xABCDEF)

Once you have the key ID, you want to export it
Code:
gpg --armor --output mykey --export-secret-keys <key ID>
NOTE: I can never remember the proper sequence to make it write to a file instead of the terminal since I rarely need to do it. This is based on the man pages, and I *think* it's correct, but since I can't currently test it I can't say for sure that it will work as expected.

Then you will want to securely transfer the file to the other computer (preferably not over a network, use a USB key or something).
Then you need to import it
Code:
gpg --import mykey
 
Old 01-15-2016, 02:43 PM   #8
sgosnell
Senior Member
 
Registered: Jan 2008
Location: Baja Oklahoma
Distribution: Debian Stable and Unstable
Posts: 1,384

Rep: Reputation: 390Reputation: 390Reputation: 390Reputation: 390
I can never remember gpg commands. Every desktop environment I know of has a GUI frontend for gpg, even Enigmail. It's far easier to do the import/export using them, at least for me. I don't do enough of that to maintain proficiency. Once Enigmail or whatever you're using is configured, there is no need to do much, or remember much, other than your passphrase. I don't carry my private key around, I only need it to import into a new program.
 
Old 01-15-2016, 03:20 PM   #9
Habitual
LQ Veteran
 
Registered: Jan 2011
Location: Abingdon, VA
Distribution: Catalina
Posts: 9,374
Blog Entries: 37

Rep: Reputation: Disabled
+1 for Enigmail "Key Management".
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] Share SSH public/private key pair among all my systems? Z038 Linux - Security 2 06-06-2013 07:03 PM
GPG: Bad session key gpg between gpg on linux and gpg gui on windows XP konqi Linux - Software 1 07-21-2009 09:37 AM
Revoking GPG key with only passphrase and public key djib Linux - Security 2 03-13-2007 03:20 AM
can see gpg key in apt-key, still can't update Dan63043 Ubuntu 2 09-25-2006 11:35 AM
GPG Data, Secret Key but no Public Key? Aeiri Linux - Software 5 07-20-2004 06:00 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - General

All times are GMT -5. The time now is 05:58 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration