B.5. Exporting your
Before you can use public key cryptography, other people must
have a copy of your public key. To send your key to correspondents
or to a keyserver, you must export the
To export your key, so you can display it on a webpage or paste
it in email, type the following command:
gpg --armor --export firstname.lastname@example.org > mykey.asc
You do not see any output, because not only did you export your
public key, you redirected the output to a file called, for
example, mykey.asc. (Without the addition
of > mykey.asc, the key would have been
displayed as the standard output on the monitor screen.)
Now, the file mykey.asc can be
inserted into email or exported to a keyserver. To see the key,
type less mykey.asc to open the file in a
pager (type [q] to quit the pager). It
should look like the following:
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.2.1 (GNU/Linux)
Comment: For info see http://www.gnupg.org
-----END PGP PUBLIC KEY BLOCK-----
Exporting to a Keyserver
If you are only writing to a few correspondents, you can export
your public key and send it to them personally. If you correspond
with many people, however, distribution of your key can be time
consuming. Instead, you can use a keyserver.
A keyserver is a repository on the Internet which can store and
distribute your public key to anyone who requests it. Many
keyservers are available, and most try to remain synchronized with
each other; sending your key to one keyserver is like distributing
it to them all. A correspondent can request your public key from a
from a keyserver, import that key to their keyring, and they are
ready for secure correspondence with you.
Because most keyservers are synchronized, sending your public
key to one keyserver is usually as good as sending it to them all.
You can, however, locate different keyservers. One place to begin
your search for keyservers and more information is Keyserver.Net available at http://www.keyserver.net.
You can send your public key from either the shell prompt or
from a browser; of course, you must be online to send or receive
keys from a keyserver.
From the shell prompt, type the following:
gpg --keyserver search.keyserver.net --send-key email@example.com
From your browser, go to Keyserver.Net (http://www.keyserver.net) and select the option to add
your own PGP public key.
Your next task is to copy and paste your public key into the
appropriate area on the webpage. If you need instructions on how to
do that, use the following:
Open your exported public key file (such as mykey.asc, which was created in Section B.5 Exporting your Public
Key) with a pager — for example, use the less mykey.asc command.
Using your mouse, copy the file by highlighting all the lines
from the BEGIN PGP to END PGP notations (see Figure B-1).
Paste the contents of the file mykey.asc into the appropriate area of
the page on Keyserver.Net by middle-clicking with your mouse (or
left- and right-clicking if you are using a two-button mouse). Then
select the Submit button on the keyserver
page. (If you make a mistake, press the Reset button on the page to clear your pasted
Figure B-1. Copying Your Public Key
Note that if you are submitting your key to another Web-based
keyserver, the above transaction is essentially the same.
That is all you need to do. Regardless of whether you use the
shell prompt or the Web, you see a message that your key was
successfully submitted — either at the shell prompt or at the
keyserver's website. From now on, users who want to communicate
securely with you can import your public key and add it to their