How To Migrate Or Export All GPG Public And Private Keys From One User To Another

How to migrate or export all GnuPG (gpg) public and private keys from one user to another, and how to tell Git about your signing key.

How to migrate or export all GnuPG (gpg) public and private keys from one user to another

Original:

https://access.redhat.com/solutions/2115511

  • As the original user, use the following command to export all public keys to a base64-encoded text file:

gpg -a --export >mypubkeys.asc

Use the following command to export all encrypted private keys (which will also include corresponding public keys) to a text file:

gpg -a --export-secret-keys >myprivatekeys.asc

Optionally export gpg’s trustdb to a text file:

gpg --export-ownertrust >otrust.txt

  • Transfer those files to a place that the new user can read, keeping in mind that it’s bad practice to share private keys (e.g., via email or in a world-readable directory like /tmp), despite the fact that they are encrypted and require the passphrase to be used.

  • As the new user, execute gpg --import commands against the two asc files and then check for the new keys with gpg -k and gpg -K, e.g.:

gpg --import myprivatekeys.asc
gpg --import mypubkeys.asc
gpg -K
gpg -k

Optionally import the trustdb file as well:

gpg --import-ownertrust otrust.txt

  • As the new user, test encryption and decryption with the gpg -er USERID and gpg -d commands. Keep in mind that decryption and signing will likely fail unless the user running gpg owns the terminal it is running on (translation: don’t su over to the new user; log in directly via ssh or console).
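
The export and verification steps above as one script, added here as an example and not part of the original article: it writes the export into a directory only the current user can read and compares primary-key fingerprints before and after import. The function names and the before.colons / after.colons file names are assumptions made for this example.

```sh
#!/bin/sh
# Added example, not from the original article; function names are hypothetical.

# Succeed only if a path grants no permissions to group or others.
is_private() {                              # $1 = file or directory
    mode=$(stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1") || return 2
    [ $(( 0$mode & 077 )) -eq 0 ]
}

# Old account: export keys, ownertrust and a fingerprint listing into a
# directory that only the current user can read.
export_keyring() {                          # $1 = destination directory
    ( umask 077                             # new files 0600, new dirs 0700
      mkdir -p "$1" && is_private "$1" || exit 1
      gpg -a --export                    > "$1/mypubkeys.asc"     &&
      gpg -a --export-secret-keys        > "$1/myprivatekeys.asc" &&
      gpg --export-ownertrust            > "$1/otrust.txt"        &&
      gpg --with-colons --fingerprint -K > "$1/before.colons" )
}

# Read `gpg --with-colons` output on stdin and print primary-key fingerprints.
# The "fpr" record after a "pub"/"sec" record holds the fingerprint in field 10;
# "fpr" records after "sub"/"ssb" belong to subkeys and are skipped.
primary_fingerprints() {
    awk -F: '
        $1 == "pub" || $1 == "sec" { want = 1; next }
        $1 == "sub" || $1 == "ssb" { want = 0; next }
        $1 == "fpr" && want        { print $10; want = 0 }
    ' | sort -u
}

# Print fingerprints present in listing $1 (before) but absent from $2 (after).
missing_after_import() {
    after=$(primary_fingerprints < "$2")
    primary_fingerprints < "$1" | grep -Fxv -e "$after" || true
}

# Constructed sample listing (not real key data): two secret keys, one subkey.
sample_listing() {
    cat <<'EOF'
sec:u:4096:1:0000000000000001:1457568000:::u:::scESC:
fpr:::::::::A000000000000000000000000000000000000001:
uid:u::::1457568000::::Hubot (constructed)::::::::::0:
ssb:u:4096:1:0000000000000002:1457568000::::::e:
fpr:::::::::B000000000000000000000000000000000000002:
sec:u:4096:1:0000000000000003:1457568000:::u:::scESC:
fpr:::::::::C000000000000000000000000000000000000003:
EOF
}
```

On the new account, after the gpg --import commands, run gpg --with-colons --fingerprint -K > after.colons and then missing_after_import before.colons after.colons; empty output means every secret key arrived.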

Telling Git about your GPG key

Original: GitHub Docs: Telling Git about your GPG key

  • Use the gpg --list-secret-keys --keyid-format LONG command to list GPG keys for which you have both a public and private key. A private key is required for signing commits or tags.

$ gpg --list-secret-keys --keyid-format LONG

Note: Some GPG installations on Linux may require you to use `gpg2 --list-keys --keyid-format LONG` to view a list of your existing keys instead. In this case you will also need to configure Git to use `gpg2` by running `git config --global gpg.program gpg2`.

  • From the list of GPG keys, copy the GPG key ID you’d like to use. In this example, the GPG key ID is 3AA5C34371567BD2:

$ gpg --list-secret-keys --keyid-format LONG
/Users/hubot/.gnupg/secring.gpg
------------------------------------
sec   4096R/3AA5C34371567BD2 2016-03-10 [expires:2017-03-10]
uid                          Hubot
ssb   4096R/42B317FD4BA89E7A 2016-03-10

  • To set your GPG signing key in Git, paste the text below, substituting in the GPG key ID you’d like to use. In this example, the GPG key ID is 3AA5C34371567BD2:

$ git config --global user.signingkey 3AA5C34371567BD2

This post is licensed under CC BY 4.0 by the author.