Export private key

Werner Koch wk at gnupg.org
Wed Jan 6 18:33:53 CET 2021

On Wed,  6 Jan 2021 14:14, Dino Edwards said:

> Something changed in the code and it now prompts me for the key
> password before it proceeds. I see the value in this, however this is

Yes, since version 2.1.

The reasons is that the internal store for the private key uses a more
modern way of protecting the key.  Thus when exporting in the OpenPGP
format we need to re-encrypt and thus need to ask for the passphrase.

As usual since 2.1 you need to pass
and for example
  --passphrase-fd N

so that the gpg-agent (which does the re-encryption) does not pop up a
pinentry but asks back.

If you do not need to convey the private key in OpenPGP format you can
actually do easier:  Run gpg as in this example

  $ gpg --with-colons --with-keygrip -K USERID_OR_FPR

and grep for the the grp lines (keygrips); for example:

  $ [...] |  awk -F: '$1=="grp" {print $10}'

Then copy the files


to the target machine.  They are encrypted but better use a secure
channel.  You also need to copy the public keys the usual way.  Using
this method you may also selectively share a subkey.



Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20210106/d7f617ca/attachment.sig>

More information about the Gnupg-users mailing list