How do I share PGP Keys with others?

Before you can use PGP in your correspondence with someone else, you'll have to exchange public keys with them. Here's how.

Sharing your key with others

The first step in giving your public key to other people is to export it to a file:

  1. Open PGP Desktop
    • Windows: Start, Programs, PGP, PGPkeys or click the key icon in the PGPtools.
    • Macs: Applications, PGP.app, Keys
  2. Click on your key.
  3. From the File menu, select Export...
  4. This opens the Export Key to File dialog box.
    • The default name for the key file is Your Full Name.asc, which isn't a particularly good name. I changed mine to my NetID: judygs.asc.
    • Don't check Include Private Key(s) (unless you're preparing a file to send to yourself on another computer, say at home).
    • By default, the key file is saved in the directory that PGP Freeware installed into; either take note of the directory's name or save it into another directory where you'll be sure to find it.
  5. Click Save.

The second step is sending the file you just created to other people who'll use it. The key is plain text, so you can attach the file you've created to a note or put a link to it or the key itself on your Web page.

You can also send your key to one or both of the two public PGP key servers: In PGP Desktop, highlight your public key, then from the Server menu, select Send to, and then select either the PGP or MIT server. PGPkeys will upload the key to the server you select. What's to prevent someone else from uploading another key and saying it's yours? Absolutely nothing.
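Because a key server accepts any upload, the usual check is to compare a key's fingerprint with one its owner gives you over a separate channel (in person or by phone). The sketch below is an added example, not part of the original page or of PGP Desktop: it computes the version 4 OpenPGP fingerprint of the primary key in an exported .asc file. The function names are illustrative and the sample key bytes are constructed, not a real key.

```python
import base64, hashlib

ARMOR_BEGIN = "-----BEGIN PGP PUBLIC KEY BLOCK-----"

def crc24(data: bytes) -> int:  # ASCII armor checksum, RFC 4880 section 6.1
    crc = 0xB704CE
    for byte in data:
        crc ^= byte << 16
        for _ in range(8):
            crc <<= 1
            if crc & 0x1000000:
                crc ^= 0x1864CFB
    return crc & 0xFFFFFF

def dearmor(text: str) -> bytes:  # armored text -> binary packets, CRC checked
    lines = [ln.strip() for ln in text.strip().splitlines()]
    if lines[0] != ARMOR_BEGIN:  # also rejects PRIVATE KEY blocks
        raise ValueError("not a PGP public key block")
    body = lines[lines.index("") + 1:-1]  # armor headers end at the blank line
    crc_line = body.pop() if body and body[-1].startswith("=") else None
    data = base64.b64decode("".join(body))
    if crc_line and int.from_bytes(base64.b64decode(crc_line[1:]), "big") != crc24(data):
        raise ValueError("armor checksum mismatch: file damaged or altered")
    return data

def fingerprint(text: str) -> str:
    """v4 fingerprint: SHA-1 over 0x99, 2-octet length, primary key packet body."""
    data = dearmor(text)
    hdr = data[0]
    if hdr & 0xC0 == 0x80 and hdr & 3 < 2:  # old format, 1- or 2-octet length
        tag, off = (hdr >> 2) & 0x0F, 2 + (hdr & 3)
        length = int.from_bytes(data[1:off], "big")
    elif hdr & 0xC0 == 0xC0 and data[1] < 192:  # new format, 1-octet length
        tag, length, off = hdr & 0x3F, data[1], 2
    elif hdr & 0xC0 == 0xC0 and data[1] < 224:  # new format, 2-octet length
        tag, length, off = hdr & 0x3F, ((data[1] - 192) << 8) + data[2] + 192, 3
    else:
        raise ValueError("unsupported packet header")
    body = data[off:off + length]
    if tag != 6 or len(body) != length or body[:1] != b"\x04":
        raise ValueError("expected a version 4 public key packet")
    digest = hashlib.sha1(b"\x99" + length.to_bytes(2, "big") + body).hexdigest().upper()
    return " ".join(digest[i:i + 4] for i in range(0, 40, 4))

# Constructed sample, not a real key: v4, creation time 0, RSA, toy n=0xC7, e=0x11.
_PKT = bytes([0x98, 12, 4, 0, 0, 0, 0, 1, 0, 8, 0xC7, 0, 5, 0x11])
_CRC = base64.b64encode(crc24(_PKT).to_bytes(3, "big")).decode()
SAMPLE_ASC = f"{ARMOR_BEGIN}\n\n{base64.b64encode(_PKT).decode()}\n={_CRC}\n-----END PGP PUBLIC KEY BLOCK-----"
print(fingerprint(SAMPLE_ASC))  # compare with the fingerprint the owner gives you
```

To check a received key, pass the contents of the saved .asc file to `fingerprint()` and compare all ten groups with what the owner tells you.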

If you normally use more than one email address, you'll want to associate those email addresses with your public key as well. Instructions can be found in Chapter 9 of the PGP Desktop User's Guide, along with plenty more information about exchanging public keys.

You might also consider adding a designated revoker, which is someone who can cancel your public key if something drastic happens to your private key. Instructions can be found in 'Working with Revokers' in Chapter 10 of the PGP Desktop User's Guide.

Adding others' keys to your keyring

When someone sends you their key, save it into a file on your hard drive. Use the file extension .asc.

There are many ways to import someone's public key and add it to your keyring. These methods include:

  • Double-click on the file name. If PGP Desktop recognizes the file format, it will open the file and ask if you want to import the key(s) in the file.
  • Drag the file containing the public key onto the PGP Keys window, enter the passphrase protecting the key (if applicable) and click Open, then click Import.
  • When importing an X.509 certificate, the certificate can only be imported from a file with a PEM, PFX, or P12 extension.

PGP will automatically search your entire keyring whenever you decrypt a message or file or verify a signature.

Searching for Others' Keys on the Public Key Servers

  1. Open PGPkeys: Start, Programs, PGP, PGPkeys or click the key icon in the PGPtools.
  2. From the Server menu, select Search.
  3. Select a keyserver; PGP Desktop uses either PGP Global Directory or keyserv.pgp.com.
  4. On the PGPkeys Search Window, use the email criteria: Email and contains, and type the email address you are searching for in the next box. Email addresses make good search criteria because they're pretty much unique and are therefore usually included in a public key's User ID. If that doesn't work, try searching on Name, but the results might be weird. For example, I have a two-part last name. Neither part of my name returned me; only the full name did.
  5. The server will return a list of keys matching your criteria; right-click on a key you want to keep, then choose Import from the right-click menu.


Last updated: September 21, 2016
