• Registered: 2009-01-18
  • Posts: 2

Topic: Import and export of secret keys.

I'm generally very impressed with this bit of software, but I'm having a problem importing and exporting secret keys. 

I understand that the latter *may* be a deliberate security measure, but it's annoying.

More problematic is that I can't import my secret key from elsewhere - it gives me the message 'The selection you are trying to import doesn't contain any valid PGP data.'  I know that the data in question is valid - I've successfully imported it into other pgp-like programs.

I love the applicability of the software, but I can't use it seriously until I find a way around this.  If anybody has any tips, even if they are information about where to find the information and manually pull it out using a text/hex editor etc., I'd be very grateful.

~Jess

  • From: Geneva
  • Registered: 2007-04-04
  • Posts: 1,040

Re: Import and export of secret keys.

Security is always annoying wink (yes it's deliberate)

Use gpg's command line to import, import key may be useful in desktops gpg software, but we're speaking about a firefox -> web gpg software, what a private key is doing on our web ?

the_glu's Website

  • Registered: 2009-01-19
  • Posts: 2

Re: Import and export of secret keys.

I have a similar problem - I used FireGPG to create my secret keys - I want to use them on another machine, but I can't find them!  Where does FireGPG keep the keys it creates?

Many thanks

  • From: Geneva
  • Registered: 2007-04-04
  • Posts: 1,040

Re: Import and export of secret keys.

FireGPG use gnupg, use gnupg, I don't know (in fact yes but it's depends) where gnupg keep his keys wink

the_glu's Website

  • Registered: 2009-01-18
  • Posts: 2

Re: Import and export of secret keys.

gnupg is a symbolic package, the programs are gpg and gpgv.

Got it.

'man gpg' tells you most of what you need to know. 

Importing is as simple as putting the following into the terminal:

gpg --import /home/USER/seckey.asc

Exporting is a little different.  The command 'gpg --export-secret-keys' exports all of them, but it just dumps them into the terminal window (try it and see), so you can use '>' to pass them to a text file:

gpg --export-secret-keys > /home/USER/seckey.asc

The mistake I made was to be logged in as root, not 'user' (the same user as is using firefox with firegpg plugin), so I was confusing myself by dealing with root's keys and wondering where my own keys had gone!

  • Registered: 2009-01-19
  • Posts: 2

Re: Import and export of secret keys.

Fantastically useful, thank you

  • Registered: 2009-02-28
  • Posts: 1

Re: Import and export of secret keys.

what about windows?

i typed this command, but nothing happened. just some trash and couple of beeps from speaker

  • From: Geneva
  • Registered: 2007-04-04
  • Posts: 1,040

Re: Import and export of secret keys.

Go to your gnupg directory with 'cd' :

cd ..
cd ..
cd ..
cd ..
cd ..
dir

Here you should list the content of your c:\ drive. Then use "cd thefolder" to go to your gnupg folder (check in firegpg options where it's is)(cd "Program files", etc.)

the_glu's Website

  • Registered: 2009-08-22
  • Posts: 7

Re: Import and export of secret keys.

gpg --import /home/USER/seckey.asc

If you don't like the command line and you're a Windows user, you can just install GnuPG for Windows: http://www.gpg4win.org/

When installing, make SURE you install "WinPT" component.  When you do, the program will give you a nice graphical interface to view both public AND private keys.

The interface looks something like this: http://www.rayservers.com/images/gpg4win/winpt1.GIF

  1. Right click the key icon in the task bar and choose "Key Manager".

  2. You'll see your FireGPG-generated key and other information.

  3. Click on the line that has your key and choose "Key" from the menu.

  4. Select "Export Secret Key"

  5. A file with the ending "sec.asc" file will be created with your secret key information.

There's nothing special about these sec.asc files.  You can open this with a regular text file editor if you'd like to see what's inside.  Make *sure* you store this key in a secure manner.

(Image source: http://www.rayservers.com/openpgp-for-windows)