Importing PGP keys

It seems a lot of people think that it's a hassle to import pgp keys, this is proof that they're wrong.


Importing a pgp key from stdin

A lot of people share their pgp keys in cleartext (armored) format, like 20h.

On the bottom of the about page, his public key is available in cleartext.

Now that we've found a pgp key, how do we import it via gpg?

gpg --import
# paste key
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.4.11 (GNU/Linux)

mQENBE34+DEBCADZSNef6HQMEEEGVU4G/5Lk0YUwu9zSOIN/HBZ1u1I0J63vDD9P
vmy4wZjW+WzZY2XEksv7g4EwiSY2ocotN5Z0sfFZBajVjKEtm6wOkzDWgGj1qJqi
FYn4/vHzk/1c+UCtKyDGORNprPekGhaWRDcK9DQHdlyN6OXw1W+NQ0if6wb6hA4G
[...]
UMcLJzRHmxM=
=9MmZ
-----END PGP PUBLIC KEY BLOCK-----
# we end it with ^D (EOF)
gpg: key 09A9CB55: public key "Christoph Lohmann <20h@r-36.net>" imported
gpg: Total number processed: 1
gpg:               imported: 1  (RSA: 1)

And that's it.

You could also pipe it from curl as such;

curl -sL https://unix-fan.tld/pgp.pub | gpg --import

Downloading from a keyserver

Not everyone has a website, or keep their public keys there, that's when keyservers come into play.

gpg has support for fetching keys from keyservers. Wow what a shock, GNU is totally not known for bloat[!]

A keyserver, like pgp.mit.edu, lets users store their pgp keys online, and for people to easily retrieve them.

Assuming you're using the default config, importing keys from a keyserver is as simple as;

gpg --search-keys z3bra
gpg: searching for "z3bra" from hkp server the.key.serv.tld
(1) Willy Goiffon (z3bra) <willy@mailoo.org>
      4096 bit RSA key BD00B46C, created: 2013-07-03
Keys 1-1 of 1 for "z3bra".  Enter number(s), N)ext, or Q)uit >

Then it's as easy as selecting the key you want, and gpg will import it.


Exporting your key

To export your key, run;

gpg -a --export >mypgp.pub

Then you can move mypgp.pub to https://your.tld/pgp.pub or upload it to any keyserver.