On Tue, 2006-11-28 at 15:01 +0100, Albert Reiner wrote:
> Message:1
> Date: Tue, 28 Nov 2006 15:01:25 +0100
> From: Albert Reiner <[EMAIL PROTECTED]>
> Subject: Re: Two servers...one KeyPair
> To: [email protected]
> Cc: "Wolff, Alex" <[EMAIL PROTECTED]>
> Message-ID: <[EMAIL PROTECTED]>
> Content-Type: text/plain; charset=us-ascii
>
> > I am trying to get around the problem of creating one key-pair and using it
> > on two different servers (TEST and PROD). Is this possible?
>
> Generate the key on one server, export both private and public key
> (gpg --export, gpg --export-private-key), transfer to the other
> server, import private and public key.
>
> HTH,
>
> Albert.

I apologize for not addressing this sooner. I never heard of the option --export-private-key. I gave the more complete response of how to do it using --export-secret-keys. Is --export-private-key part of 2.0 or are you just explaining the concept? I have never used 2.0, YET.

I said that if you don't have completely duplicate key-rings, you should do the export. Additionally, if you have generated the keys on GnuPG, but you are using PGP instead of GnuPG on the other machine, you will also want to do an --export-secret-keys and import it on the other machine EVEN if the key-rings are duplicates of each other.

I forgot to ask the philosophical question of whether or not we should be asked the pass-phrase of the secret key to do this. I suppose not, since you still need to know it to use the key once you import it some place else. But it feels strange not to be prompted for your pass-phrase when you are exporting secret keys. Even if it doesn't do anything, the asking of you to confirm that you really want to export your secret key by asking for the pass-phrase of that key should clue you in that you are doing something that needs to be done with care and you should probably securely remove the file that was created when you no longer need it.

HHH
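
Added example, not part of the original messages and not GnuPG project code: the export / import / remove sequence discussed in this thread, written as shell functions around `gpg --export`, `gpg --export-secret-keys` and `gpg --import`. The function names and the use of two `--homedir` directories to stand in for the TEST and PROD keyrings are assumptions made for illustration.

```sh
#!/bin/sh
# Added example. HOMEDIR arguments are hypothetical stand-ins for the two
# servers' keyrings; between real hosts, copy the export directory over an
# encrypted channel (e.g. scp) between export_keypair and import_keypair.

# secret_fpr HOMEDIR KEY_ID: print the fingerprint of the matching secret key.
secret_fpr() {
    gpg --homedir "$1" --batch --with-colons --list-secret-keys "$2" 2>/dev/null |
        awk -F: '$1 == "fpr" { print $10; exit }'
}

# export_keypair KEY_ID SRC_HOMEDIR OUT_DIR
export_keypair() {
    (
        umask 077    # the export holds secret key material: owner-only files
        mkdir -p "$3" &&
        gpg --homedir "$2" --armor --export "$1" > "$3/public.asc" &&
        gpg --homedir "$2" --armor --export-secret-keys "$1" > "$3/secret.asc" &&
        [ -s "$3/public.asc" ] && [ -s "$3/secret.asc" ]   # reject empty exports
    )
}

# import_keypair IN_DIR DST_HOMEDIR
import_keypair() {
    gpg --homedir "$2" --import "$1/public.asc" "$1/secret.asc"
}

# wipe_exports DIR: remove the export files once they are no longer needed.
# shred is best effort on SSDs and copy-on-write filesystems.
wipe_exports() {
    for f in "$1/public.asc" "$1/secret.asc"; do
        [ -e "$f" ] || continue
        if command -v shred >/dev/null 2>&1; then shred -u "$f"; else rm -f "$f"; fi
    done
    rmdir "$1" 2>/dev/null || true
}

# copy_keypair KEY_ID SRC_HOMEDIR DST_HOMEDIR: succeeds only if the target
# keyring ends up holding a secret key with the source's fingerprint.
copy_keypair() {
    out=$(mktemp -d) || return 1
    rc=0
    export_keypair "$1" "$2" "$out" && import_keypair "$out" "$3" || rc=1
    wipe_exports "$out"    # always clean up, even after a failed import
    src_fpr=$(secret_fpr "$2" "$1")
    [ "$rc" -eq 0 ] && [ -n "$src_fpr" ] && [ "$src_fpr" = "$(secret_fpr "$3" "$1")" ]
}
```
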
