Wednesday, May 14, 2008

OpenPGP Keys backup

For my work emails, I usually digitally sign them with GPG keys. Now I plan to install Fedora 9 (you gotta check it out...it is that cool!) on my laptop and spanking new Ubuntu 8.04. What can I say? I am a distro whore!

Anyhow before I blow away my Ubuntu installation, I first need to backup my keys.

To backup my public key, I need to do the following:

eyeoh@zahadum:~$ gpg --list-keys
/home/eyeoh/.gnupg/pubring.gpg
------------------------------
pub 1024D/A2F0C9E0 2008-05-12
uid Eric Yeoh (msian_tux_lover)
sub 2048g/A5FA7805 2008-05-12

eyeoh@zahadum:~$ gpg -ao msian_tux_lover-pub.key --export A2F0C9E0


msian_tux_lover-pub.key is just a random file name, you can use others.

To backup my private key:

eyeoh@zahadum:~$ gpg --list-secret-keys
/home/eyeoh/.gnupg/secring.gpg
------------------------------

sec 1024D/A2B0F3E6 2008-05-12


uid Eric Yeoh (msian_tux_lover)

ssb 2048g/A1FA9806 2008-05-12


eyeoh@zahadum:~$ gpg -a --export-secret-keys A2B0F3E6 | gpg -aco msian_tux_lover-private.key.gpg

msian_tux_lover-private.key.gpg is just a random file name, you can use others.

You will be prompted for a passphrase to encrypt the private key. DO NOT forget the password.

Then just copy the two key files to somewhere safe.

To restore the keys on to the newly installed Fedora 9 you just need to:

[eyeoh@anlashok ~]$ gpg --import msian_tux_lover-pub.key

To restore the encrypted key:

[eyeoh@anlashok ~]$ gpg --decrypt msian_tux_lover-private.key.gpg |gpg --import

No comments: