Import PGP Public Key

If you using a new machine that you plan to use on a regular basis, you may want to add your PGP public key to the machine's keyring. One reason you might want to do this is so you can then export the authentication subkey as an SSH public key. (This is explained on the Export SSH Public Key page.)

Importing keys is done using the "gpg --import" command.

The examples below all show the results as "unchanged", because the computer where I ran the commands already had my key in the keyring.

Import from a file

If you have a copy of your public key, you can import that file directly.

$ gpg --import jms1.pub.asc
gpg: key 49B9FD3BB4422EBB: "John Simpson <j..1@j....net>" not changed
gpg: Total number processed: 1
gpg:              unchanged: 1

Import via download

If you have a copy of your public key on a public web server, you can download and import it in a single command, like so.

$ curl -s https://jms1.pub/jms1.pub.asc | gpg --import
gpg: key 49B9FD3BB4422EBB: "John Simpson <j..1@j....net>" not changed
gpg: Total number processed: 1
gpg:              unchanged: 1

Import via fetch

If you stored a URL for your public key when setting up your YubiKey, gpg can download and import the key from that URL automatically.

Run "gpg --card-edit", and use the fetch command.

$ gpg --card-edit
...
URL of public key : https://jms1.pub/jms1.pub.asc
...

gpg/card> fetch
gpg: requesting key from 'https://jms1.pub/jms1.pub.asc'
gpg: key 49B9FD3BB4422EBB: "John Simpson <jms1@jms1.net>" not changed
gpg: Total number processed: 1
gpg:              unchanged: 1

gpg/card> q

Using a Yubikey for PGP and SSH

Import PGP Public Key

Import from a file

Import via download

Import via fetch