Migrating GPG keys

As I am storing backup remotely, I used GPG to encrypt my stuff on-the-fly using duplicity.

Due to the upgrading of the current machine to a more powerful machine, I need to move my GPG keys too.

Here is how I do it.

List the available GPG key in the store.

 
[root@svr ~]# gpg --list-keys
/root/.gnupg/pubring.gpg
------------------------
pub   1024D/A1FC0247 2011-01-07
uid                  tanfwc <tanfwc@happylife.sg>
sub   2048g/F96387B6 2011-01-07

Let’s export the keys accordingly.

 
[root@svr ~]# gpg --output mygpgkey_pub.gpg --armor --export F96387B6
[root@svr ~]# gpg --output mygpgkey_sec.gpg --armor --export-secret-key F96387B6

Copy the key to the new machine.

scp mygpgkey_pub.gpg mygpgkey_sec.gpg remote-user@remote-ip:/root/

Now go to the new machine and import the keys.

[root@svr1 ~]# gpg --import mygpgkey_pub.gpg
gpg: keyring `/root/.gnupg/secring.gpg' created
gpg: key A1FC0247: public key "tanfwc <tanfwc@happylife.sg>" imported
gpg: Total number processed: 1
gpg:               imported: 1
[root@svr1 ~]# gpg --allow-secret-key-import --import mygpgkey_sec.gpg
gpg: key A1FC0247: secret key imported
gpg: key A1FC0247: "tanfwc <tanfwc@happylife.sg>" not changed
gpg: Total number processed: 1
gpg:              unchanged: 1
gpg:       secret keys read: 1
gpg:   secret keys imported: 1
[root@svr1 ~]#

List the key on the new server to see whether it is imported.

 
[root@svr1 ~]# gpg --list-keys
/root/.gnupg/pubring.gpg
------------------------
pub   1024D/A1FC0247 2011-01-07
uid                  tanfwc <tanfwc@happylife.sg>
sub   2048g/F96387B6 2011-01-07

Looks good. My keys is now on the new machine. Off to do my encrypted backup now 🙂