Renewing expired keys

Juan Miguel Navarro Martínez juanmi.3000 at
Sun Jan 15 22:17:39 CET 2017

On 2017-01-15 at 20:36, Rick Nakroshis wrote:
> List,
> Been a while since I used my GPG installation, and my keys have
> expired.  Looking at the docs, I see how to set up an initial set of
> keys, but how about a follow-on set?  Do I generate a new set with same
> email address, and sign them with my expired key to show they come from
> the same person?  Not quite sure   Suggestions/advice, please?
> Rick
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at
If you want to keep the same keys (assuming they are still strong
enough) you can just extend its expiration date by editing your key with
`gpg[2] --edit-key (UID|KeyID|Fingerprint)` then use `expire` in `gpg>`
promt. If it has any subkeys, use `key n` (n = 1, 2, 3..) for all the
subkeys and use the `expire` command agan. Lastly `save` the changes.

Otherwise, you can also create a new master key and sign the new one
with the old one.
If you have a blog, personal or project's website or something that
people usually come to visit and know about your PGP keys, also make a
transtition statement signed with both keys telling which key you had,
which is the new one, their fringerprints and so on. Here are some examples:

Lastly, revoke the old one if you aren't going to use it publicly anymore.

Juan Miguel Navarro Martínez

GPG Keyfingerprint:
5A91 90D4 CF27 9D52 D62A
BC58 88E2 947F 9BC6 B3CF

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 455 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20170115/9b2fbd07/attachment.sig>

More information about the Gnupg-users mailing list