Migrating GPG keys
As I am storing backup remotely, I used GPG to encrypt my stuff on-the-fly using duplicity.
Due to the upgrading of the current machine to a more powerful machine, I need to move my GPG keys too.
Here is how I do it.
List the available GPG key in the store.
[root@svr ~]# gpg --list-keys /root/.gnupg/pubring.gpg ------------------------ pub 1024D/A1FC0247 2011-01-07 uid tanfwc <tanfwc@happylife.sg> sub 2048g/F96387B6 2011-01-07 |
Let’s export the keys accordingly.
[root@svr ~]# gpg --output mygpgkey_pub.gpg --armor --export F96387B6 [root@svr ~]# gpg --output mygpgkey_sec.gpg --armor --export-secret-key F96387B6 |
Copy the key to the new machine.
scp mygpgkey_pub.gpg mygpgkey_sec.gpg remote-user@remote-ip:/root/ |
Now go to the new machine and import the keys.
[root@svr1 ~]# gpg --import mygpgkey_pub.gpg gpg: keyring `/root/.gnupg/secring.gpg' created gpg: key A1FC0247: public key "tanfwc <tanfwc@happylife.sg>" imported gpg: Total number processed: 1 gpg: imported: 1 [root@svr1 ~]# gpg --allow-secret-key-import --import mygpgkey_sec.gpg gpg: key A1FC0247: secret key imported gpg: key A1FC0247: "tanfwc <tanfwc@happylife.sg>" not changed gpg: Total number processed: 1 gpg: unchanged: 1 gpg: secret keys read: 1 gpg: secret keys imported: 1 [root@svr1 ~]# |
List the key on the new server to see whether it is imported.
[root@svr1 ~]# gpg --list-keys /root/.gnupg/pubring.gpg ------------------------ pub 1024D/A1FC0247 2011-01-07 uid tanfwc <tanfwc@happylife.sg> sub 2048g/F96387B6 2011-01-07 |
Looks good. My keys is now on the new machine. Off to do my encrypted backup now 🙂