B.6. Importing a Public Key
The other end of key exchange is importing other people's public keys to
your keyring — is just as simple as exporting keys. When you
import someone's public key, you can decrypt their email and check their
digital signature against their public key on your keyring.
One of the easiest ways to import a key is to download the key or save
it from a website.
After downloading a key and saving it to the file
key.asc, use the following command to add it
to your keyring.
Another way to save a key is to use a browser's feature. If you are using a browser such as
Mozilla, and you locate a key at a keyserver,
you can save the page as a text file (go to =>
). In the drop-down box next to
Files of Type, choose Text Files
(*.txt). Then, you can import the key — but remember
the name of the file you saved. For example, if you saved a key as a
text file called newkey.txt, to import the
file, at a shell prompt, type the following command:
The output looks similar to the following:
gpg: key F78FFE84: public key imported
gpg: Total number processed: 1
gpg: imported: 1
To check that the process was successful, use the gpg
--list-keys command; you should see your newly imported key listed on
When you import a public key, you add that key to your
keyring (a file in which public and secret keys
are kept). Then, when you download a document or file from that
entity, you can check the validity of that document against the key
you added to your keyring.