Convert GPG keys to subkeys

From Exterior Memory
Revision as of 22:22, 24 February 2008 by MacFreek (Talk | contribs)

This article is unfinished.


This is a short log (how-to) of how I converted my PGP key to PGP subkeys. The


PGP Identities and Subkeys

Analysing a given key

Each PGP "key" actually contains a few user identities. Usually, one user identity for each e-mail address that you use.

Let's say you have a file pgpkey.asc containing a GPG block. You can analyse it:

gpg pgpkey.asc
pub  1024D/B804CF07 2006-02-05 Freek Dijkstra <freek@macfreek.nl>
uid                            Freek Dijkstra <fdijkstr@science.uva.nl>
uid                            [jpeg image of size 5225]
sub  2048g/2C33CF18 2006-02-05

However, this listing is incomplete and imprecise. The machine-readable format gives more detail:

gpg --with-colons --fixed-list-mode --with-fingerprint pgpkey.asc 
pub:u:1024:17:567C3C2DB804CF07:1139175758:::u:Freek Dijkstra <freek@macfreek.nl>:
fpr:::::::::AE237158C1D0F7C92641C42F567C3C2DB804CF07:
uid:::::::::Freek Dijkstra <fdijkstr@science.uva.nl>:
uat:::::::::1 5244:
sub:u:2048:16:C63F06AD2C33CF18:1139175851::::
fpr:::::::::9CD4EACFA20E38431608E9F6C63F06AD2C33CF18:


However, this is not all there is in a key.


Now I also understand why I cannot set an expiration date on my photo: apparently there is a difference between subkeys and uids; only subkeys can have an expiration, and only uid/uat records can be signed, not subkeys (or perhaps those too, that is not yet clear to me).


Multiple Keys or Multiple Subkeys

People can have multiple PGP keys. This is done to reduce the damage if their private key is compromised. For example, you can have a PGP key for signing that you keep off-line, and another (daily-use) key for sending and receiving e-mail. You only use the daily-use one for a year, and then create a new one. This doesn't hurt your web of trust, since others only sign the off-line key (which then signs the daily-use key).

The trick here is to separate functions:

  • encrypt/decrypt (decrypt, with your private key, a message you received)
  • sign (sign data, for example a file or an e-mail you send)
  • certify (sign another key, establishing a trust relation)
  • authentication (log in to SSH with a PGP key; this is a relatively new usage)

So the "off-line" key as described above would be only used for certification, while the "daily-use" key is only used for signing and decryption.

Actually, you can further split the usage of your daily key(s):

  • A sign key on your home computer
  • Another sign key on your work computer
  • A decrypt key on both computers

You cannot have a separate decrypt key for the home and the work computers. After all, someone who wants to send you an e-mail would not know which key to use to encrypt it.


Besides using different keys, it is also possible to use different subkeys for the different purposes. Thus, a key can not only contain multiple identities (the uid records), but also multiple subkeys (sub records).

The great thing is that you can add four different kinds of attributes to each subkey:

  • e = encrypt/decrypt (decrypt, with your private key, a message you received)
  • s = sign (sign data, for example a file or an e-mail you send)
  • c = certify (sign another key, establishing a trust relation)
  • a = authentication (log in to SSH with a PGP key; this is a relatively new usage)

Indeed, that is the same list as the functions above. You can find the flags with:

gpg --fixed-list-mode --with-colons --list-key 0xB804CF07


So your key could look like this (note that I manually added the flags to this output):

pub   4096R/B804CF07 c  2007-01-25 [c]
uid                     John Doe <john@example.com>
uid                     John Doe <john.doe@example.org>
uid                     [jpeg image of size 5225]
sub   2048R/C0F03FEE s  2007-01-25 [expires: 2009-01-25]
sub   2048R/2C33CF18 e  2007-01-25 [expires: 2009-01-25]

The trick is to keep your key as a whole offline, and to store only the public key and the secret subkeys on your online computer(s), not the secret part of the main key. You can do this as follows:

On the offline computer:

gpg --export 0xB804CF07 > publickey
gpg --export-secret-subkeys 0xB804CF07 > secretsubkeys

On an on-line computer:

gpg --import publickey secretsubkeys

Let's summarize:

  • Your "main" key is only meant for certification. This is your "off-line" key.
  • You have one subkey for encryption, present on each online machine
  • You have one or more subkeys for signing, each present on a single online machine.
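
A check one could run on an on-line machine after the import, as an added example (not part of the original article): it parses `gpg --list-secret-keys --with-colons` output and reports whether the primary secret key is really absent (a `#` in field 15), whether the primary key is certify-only, and whether every subkey expires. The sample output, its key IDs and the function names are constructed for illustration.

```python
# Constructed sample of `gpg --list-secret-keys --with-colons` output on an
# on-line machine; key IDs are placeholders, not the page's real key.
SAMPLE = """\
sec:u:4096:1:1111111111111111:1169683200:::u:::cSEC:::#:
uid:u::::1169683200::0000::John Doe <john@example.com>:
ssb:u:2048:1:2222222222222222:1169683200:1232841600:::::s:::+:
ssb:u:2048:1:3333333333333333:1169683200:1232841600:::::e:::+:
"""

def parse_secret_keys(colon_text):
    """Return one dict per sec (primary) or ssb (subkey) record."""
    keys = []
    for line in colon_text.splitlines():
        f = line.split(":")
        if f[0] not in ("sec", "ssb"):
            continue
        f += [""] * (15 - len(f))          # tolerate short lines from old gpg
        keys.append({
            "primary": f[0] == "sec",
            "keyid": f[4],
            "expires": f[6],               # field 7: empty means no expiry
            # field 12: lowercase letters are this key's own capabilities,
            # uppercase letters summarise the whole key and are ignored here
            "caps": {c for c in f[11] if c.islower()},
            "stub": f[14] == "#",          # field 15: '#' = secret part absent
        })
    return keys

def audit_online_keyring(colon_text):
    """Return findings; an empty list means the layout matches the summary."""
    findings = []
    for k in parse_secret_keys(colon_text):
        if k["primary"]:
            if not k["stub"]:
                findings.append(k["keyid"] + ": primary secret key is present")
            if k["caps"] != {"c"}:
                findings.append(k["keyid"] + ": primary key is not certify-only")
        elif not k["expires"]:
            findings.append(k["keyid"] + ": subkey has no expiration date")
    return findings

if __name__ == "__main__":
    for finding in audit_online_keyring(SAMPLE) or ["layout OK"]:
        print(finding)
```

On a real machine, feed it the text printed by `gpg --list-secret-keys --with-colons` instead of SAMPLE.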


More Information

http://www.vanheusden.com/pgp.php