IMPORTING EXISTING PUBLIC AND SECRET ENCRYPTION KEYS FOR LINUX PGP

By: Chuck Steele (sandspur), Pensacola LUG


INTRODUCTION


After Windows users install PGP 6.5.8 and later commercial versions of the program a graphical wizard walks them through getting started.


The wizard asks them if they want to “Import” existing public and secret key rings. If the answer is “no” the wizard walks them through generating a new key pair.


Using existing key rings saves users very time-consuming hassles of distributing a new key to other users, revoking old keys, and getting public keys from one's PGP pals.


I have never seen any discussion of importing existing PGP keys with Linux. That is the purpose of this article.


USING EXISTING PUBLIC AND SECRET KEY RINGS WITH LINUX PGP 6.5.8


Let us assume you are a Linux PGP user who is contemplating a new clean install on your PC. Your installation is going to fry all existing data on your hard drive including your PGP public and secret key rings.


We want to “export” those keys before the games begin. This is very easy if you know how to do it.


If you have Linux PGP 6.5.8 on your computer your public and secret key rings reside in the directory: /home/user/.pgp


The files are pubring.pkr and secring.skr. You need to copy these files to a storage medium like a memory card. In the past I have even sent the files to myself as an e-mail attachment to a web based e-mail service for later retrieval. That is considered a big security NO-NO but I am more a wannabe than a security wizard.


AFTER THE INSTALLATION


After your easy and flawless new installation you can get PGP downloaded at PGP International, pgpi.org.


#There is an article about installing the .rpm version at justlinux.com/nhf/Security


Install the program. After the installation quit being root.


We are going to generate a key pair for a bogus user:


pgp -kg


Text will walk you through generating a new key pair. Use any user name and e-mail address you want because we are going to delete these keys soon. Example:


Mister Bogus <mrbogus@dingbat.com>


When asked if you want to make this the default signing key answer “no.” The key you are going to import soon will be the default signing key.


Time to delete the new keys.


cd /home/user/.pgp


Your new keys live here. We are going to delete them.


rm pubring.pkr


rm secring.skr


Type ls and you will see that those keys are gone.


IMPORTING YOUR OLD KEYS


Copy your old pubring.pkr and secring.skr files from whatever storage medium you used earlier into your home/user/.pgp directory.


To see if things are working right view the contents of pubring.pkr by typing the command pgp -kv.


The public keys of your PGP pals should be in view.


CONCLUSION


That is how you do it. Existing keys can be imported for the Gnu Privacy Guard too but that is a topic for another article.


Have fun. Be sneaky.


#This article was composed with the Open Office Writer and Saved As HTML.