How to share the public OpenPGP key using GnuPG?

I used GnuPG to generate a key. But looking at the GUI, I cannot tell where my public key is stored. I would like to share it with friends.

I clicked on export, this exported a name.asc file, but when I open the file in gedit it is labeled as a private key so I am assuming this is not the public key for sharing.


Solution 1:

From the command line:

Run gpg --list-keys 'your name' to list the keys you currently have (replacing your name with the name you have while setting up):

$ gpg --list-keys muru      
/home/muru/.gnupg/pubring.gpg
--------------------------------
pub   2048R/AD0CC9B4 2015-07-15
uid                  muru
sub   2048R/450DAD90 2015-07-15

Note the fingerprint of the key you want to export. The fingerprint of my public key is AD0CC9B4. To export it, I'll do gpg --export (-a is for ASCII armour, so that the key is in the usual base64-encoded form):

$ gpg -a --export AD0CC9B4
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1

mQENBFWm4zkBCADYo5ffanvwBVGMbfp3g+/RMYb41QRZXCGSUhZkU7m3BpPSoO/4
NBzD4KKAU6CTVzBmVmZoFGgK2dDIOv+ZCkB4USZM2cvvpu7I+jfaYZW7ouQ4uEYu
8xY8ugFn5ImsK4KN0OP+Iw1VBXLdvj/rEiV+gcH8QV0XhsfgczCxjS1dMV3AMD+h
# snip
Wo0X3XmrPpaHJf7MsjGmJGbHNX9ZLllyFWQPlNdu9ilLI9GMjSpJSqQ=
=l/Xm
-----END PGP PUBLIC KEY BLOCK-----

You can redirect the output to a file:

gpg -a --export AD0CC9B4 > my-pubkey.asc

Then my-pubkey.asc should contain your ASCII-armoured public key.

The corresponding private key can be exported with:

gpg -a --export-secret-keys AD0CC9B4

The output of this command will begin with

-----BEGIN PGP PRIVATE KEY BLOCK-----

Solution 2:

I clicked on export, this exported a name.asc file, but when I open the file in gedit it is labeled as a private key so I am assuming this is not the public key for sharing.

This would indeed be a bad idea, as the private key should remain - private.

Your public key is stored in the GnuPG keyring (~/.gnupg/pubring.gpg by default). To distribute it, you have two options. Both should also be available in most graphical user interfaces, but might have different names for the commands.

  1. Exporting the key and shipping it manually

    To export your key, use the --export option, which exports a given public key together with all user IDs, subkeys and certifications received. -a/--ascii enables ASCII-armoring, which is mostly a Base64-like encoding making transmission safer, while slightly increasing the file size (which is still rather small).

    gpg --ascii --export [key-id] > your-key.asc
    

    You can now mail or upload this file somewhere, or pass it around on another medium of your choice.

  2. Upload the key to the key server network

    Usually, keys are distributed using the key server network. Uploading your public key is very easy using the --send-key command.

    gpg --send-key [key-id]
    

    Now others can search and receive your key by executing

    gpg --search [mail address]
    gpg --recv-key [key-id]
    

    Also, most OpenPGP implementations will support querying key servers for mail addresses to use in some kind, manually or automatically.

    Be aware you can never delete OpenPGP keys from the key server network (no matter who uploaded it)!