Edit Rename Changes History Upload Download Back to Top

OpenPGP Key Publishing

Once you have made your key pair you will need to share the public key with others to get any value from it. The two ways of sharing a key are: OpenSkills members must have the public key associated with their membership available from a public key server. You may have other keys, however, and wish to exchange these directly with others.

Using a public key server

There are many public key servers, and typically they all replicate between each other. So putting your public key in one repository will result in it turning up in them all eventually.

For OpenSkills purposes, we will use:

You can use the web interfaces to search for published keys in a variety of ways. For example, you can search by email address, key ID or just name.

For commands that operate against a keyserver, the particular keyserver is identified in one of two ways:

  1. Include --keyserver keys.se.linux.org in every command that needs a keyserver.
  2. Editing the gpg.conf file to add a "keyserver hkp://keys.se.linux.org" line.
If you wanted to publish the public key of fbloggs@openskills.org to keys.se.linux.org use:

gpg --keyserver keys.se.linux.org --send-key fblogs@openskills.org

(Note: some versions of GnuPG will not accept email addresses as an argument to --send-key and you must use the key ID instead, e.g. 0xBEBB933F)

... and the public key for fblogs@openskills.org is uploaded to the keys.se.linux.org repository. You could now search using that email address via the web interface on the keys.se.linux.org website. After a while (depending on the replication schedule) you could also find the key in the keyserver.net repository.

To get the key of fbloggs@openskills.org from the repository:

gpg --keyserver keys.se.linux.org --search-keys fblogs@openskills.org

... this will present you with a list of matching keys in the repository from which you may select. Once selected, the public key is added to your keyring.

Exchanging Keys Directly

To send your public key to another person, make an ASCII version of it and attach it to an email, or print it out and send it by snail mail.

To make an ASCII version of the key follow the instructions in "Key Creation and Backup".

You can then send your public key off to whom ever you wish.

If another person sends you the ASCII form of their public key, you can import that key into your key ring.

Let us say that we just received the key from Fred Bloggs as an attachment to an email. Save Freds key (e.g. as "fred-public.key"), and then run:

gpg --import fred-public.key.

... Fred's public key is now on your key ring and can be used to send Fred an encrypted email or file, or to verify documents signed with Fred's private key.

Edit Rename Changes History Upload Download Back to Top