Recipe 7.26 Using PGP Keys with GnuPG

7.26.1 Problem

You want to use PGP keys in GnuPG operations.

7.26.2 Solution

Using PGP, export your key to a file called pgpkey.asc. For example, using freeware PGP 6.5.8, you export a public key with:

$ pgp -kxa my_key pgpkey.asc

or a private key with:

$ pgp -kxa my_key pgpkey.asc my_secret_keyring.skr

Then import the key into your GnuPG keyring. For public keys:

$ gpg --import pgpkey.asc

For private keys:

$ gpg --import --allow-secret-key-import pgpkey.asc

Now you can use the key in normal GnuPG operations.

7.26.3 Discussion

Keys are really abstract mathematical objects; this recipe simply converts a key from one representation to another so that GnuPG can use it. It's similar to converting an SSH key between the SSH2 and OpenSSH formats. [Recipe 6.6]

Once you've imported a PGP key into your GPG keyring, this doesn't mean you can interoperate with PGP in all ways using this key. Many versions of PGP have appeared over the years, before and after the emergence of the OpenPGP standard, and GPG does not interoperate with every one. Suppose you convert your friend's old PGP public key for use with GPG via this recipe. Now you can encrypt a message to her, using her public key... but can she read it? Only if her version of PGP is capable of reading and decrypting GPG messages, and not all can. Conversely, you may not be able to read old messages encrypted with the PGP software—for example, some versions of PGP use the IDEA cipher for data encryption, which GPG does not use because it is patented. Make sure you share a few test messages with your friend before encrypting something truly important for her.

7.26.4 See Also

gpg(1), pgp(1).