How to Properly Transfer by cmd. line PGP Keys in a New Computer [e.g. Launchpad OpenPGP Key]

Question

I would like to use my Launchpad PGP Key to access my Launchpad PPAs on 2 computers. To do it I need to transfer the key to the other Ubuntu computer. I did found very little support on Ubuntu specific websites so far.

Here is what I did on the original computer:

$ gpg2 --fingerprint
/home/ubuntu-xenial/user/.gnupg/pubring.kbx
--------------------------------------------
pub   rsa2048/245FD525 2016-12-16 [SC]
      Key fingerprint = C64F 728F BF5D C5CE 357B  D1AE FC8F 1C1C 245F D525
uid         [ unknown] my_name <my_e-mail>
sub   rsa2048/4D0AABD3 2016-12-16 [E]

$ 
$ gpg2 --list-secret-keys
/home/ubuntu-xenial/user/.gnupg/pubring.kbx
--------------------------------------------
sec   rsa2048/245FD525 2016-12-16 [SC]
uid         [ unknown] my_name <my_e-mail>
ssb   rsa2048/4D0AABD3 2016-12-16 [E]

$ 
$ gpg2 --export -a 245FD525 > Launchpad-GPG-Public-Key.asc
$ gpg2 --export -a 245FD525 > Launchpad-GPG-Private-Key.asc
---> Enter secret passphrase
$

On the new computer:

$ gpg2 --import Launchpad-GPG-Public-Key.asc
gpg: keybox '/home/ubuntu-xenial/user/.gnupg/pubring.kbx' created
gpg: /home/ubuntu-xenial/user/.gnupg/trustdb.gpg: trustdb created
gpg: key 245FD525: public key "my_name <my_e-mail>" imported
gpg: Total number processed: 1
gpg:               imported: 1
$ gpg2 --import Launchpad-GPG-Private-Key.asc.asc 
gpg: key 245FD525: "my_name <my_e-mail>" not changed
gpg: key 245FD525: secret key imported
gpg: Total number processed: 3
gpg:              unchanged: 1
gpg:       secret keys read: 3
gpg:   secret keys imported: 2
$ 
$ gpg2 --edit-key 245FD525
gpg (GnuPG) 2.1.11; Copyright (C) 2016 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Secret key is available.

sec  rsa2048/245FD525
     created: 2016-12-16  expires: never       usage: SC  
     trust: unknown       validity: unknown
ssb  rsa2048/4D0AABD3
     created: 2016-12-16  expires: never       usage: E   
[ unknown] (1). my_name <my_e-mail>

gpg> trust
sec  rsa2048/245FD525
     created: 2016-12-16  expires: never       usage: SC  
     trust: unknown       validity: unknown
ssb  rsa2048/4D0AABD3
     created: 2016-12-16  expires: never       usage: E   
[ unknown] (1). my_name <my_e-mail>

Please decide how far you trust this user to correctly verify other users' keys
(by looking at passports, checking fingerprints from different sources, etc.)

  1 = I don't know or won't say
  2 = I do NOT trust
  3 = I trust marginally
  4 = I trust fully
  5 = I trust ultimately
  m = back to the main menu

Your decision? 5
Do you really want to set this key to ultimate trust? (y/N) y

sec  rsa2048/245FD525
     created: 2016-12-16  expires: never       usage: SC  
     trust: ultimate      validity: unknown
ssb  rsa2048/4D0AABD3
     created: 2016-12-16  expires: never       usage: E   
[ unknown] (1). my_name <my_e-mail>
Please note that the shown key validity is not necessarily correct
unless you restart the program.

gpg> <Ctrl><D>
$ 
$ gpg --list-keys [user]
gpg: checking the trustdb
gpg: public key of ultimately trusted key 245FD525 not found
gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
gpg: depth: 0  valid:   1  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 1u
gpg: error reading key: public key not found
$

At this stage the process is still incomplete and I still can't use it to sign for uploading packages to my PPAs ...

I made an error here I should have replaced the [user] by the e-mail address used on gpg ...

$ gpg --list-keys <e-mail address> 
pub   rsa2048 2016-12-16 [SC]       
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX245FD525
uid           [ultimate] e-mail name <e-mail address>
sub   rsa2048 2016-12-16 [E]
$

score 1 · Accepted Answer · edited Mar 05 '18 at 02:48

After running through my notes when I originally created the PGP Key some years ago I found this answer on Ask Ubuntu:

$ gpg --keyserver keyserver.ubuntu.com --recv-keys 245FD525
gpg: requesting key 245FD525 from hkp server keyserver.ubuntu.com
gpg: key 245FD525: public key "my_name <my_e-mail>" imported
gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
gpg: depth: 0  valid:   1  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 1u
gpg: Total number processed: 1
gpg:               imported: 1  (RSA: 1)
$ gpg --no-default-keyring -a --export 245FD525 | gpg --no-default-keyring --keyring ~/.gnupg/trustedkeys.gpg --import -
gpg: keyring `/home/ubuntu-xenial/[user]/.gnupg/trustedkeys.gpg' created
gpg: key 245FD525: public key "my_name <my_e-mail>" imported
gpg: Total number processed: 1
gpg:               imported: 1  (RSA: 1)
$ gpg --list-keys [user]
pub   2048R/245FD525 2016-12-16
uid                  my_name <my_e-mail>
sub   2048R/4D0AABD3 2016-12-16
$

Now I can use my Launchpad PGP Key on the other computer.

How to Properly Transfer by cmd. line PGP Keys in a New Computer [e.g. Launchpad OpenPGP Key]

1 Answers1