How to import secret gpg key (copied from one machine to another)?

You need to add --import to the command line to import the private key. You need not use the --allow-secret-key-import flag. According to the man page: "This is an obsolete option and is not used anywhere."

gpg --import private.key

Above is only a partial answer. Complete answer is:

gpg --import private.key
  • Given the KEYID (e.g FA0339620046E260) from the output:

    gpg --edit-key {KEY} trust quit
    # enter 5<RETURN> (I trust ultimately)
    # enter y<RETURN> (Really set this key to ultimate trust - Yes)
    
  • OR use the automated command below:

    expect -c "spawn gpg --edit-key {KEY} trust quit; send \"5\ry\r\"; expect eof"
    

Finally, verify that key is now trusted with [ultimate] instead of [unknown]

gpg --list-keys

I was importing from a backup that had an old version of gpg. Since the old computer wasn't available, only the backup, I couldn't export it first. This is what worked for me.

gpg --import old_home_dir/.gnupg/pubring.gpg
gpg --import old_home_dir/.gnupg/secring.gpg

If you want to be able to import secret keys without entering the passphrase immediately, use the --batch option.

To verify the public keys:

gpg --list-keys

To verify the secret keys:

gpg --list-secret-keys

Tags:

Gpg