Select the path and the file name of the output file. Decrypt the message using your private key. After extending the expiry date of a GPG key you might have to copy your key to another machine to use the same key there. The public key can decrypt something that was encrypted using the private key. Location of keys. The secret keys[1] are stored on a per file basis in a directory below the ~/.gnupg home directory. Using a JavaScript (read: offline) QR code generator, I create an image of my private key in ASCII armoured form, then print this off. (y/N) y (Probably you want to select 1 here) Your decision? Note alongside it the key ID and store it in a physically secure location. You can export the private key with the command-line tool from GPG.It works on the Windows-shell. While a physical location is secure physically, there is some risk of losing the flash key, CD, etc to theft, fire, or other disasters/hazards. GPG relies on the idea of two encryption keys per person. The private key is your master key. It's possible the file was created without this info, or with the wrong ID. Complete answer is: gpg --import private.key Given the KEYID (e.g FA0339620046E260) from the output:. gpg --edit-key {KEY} trust quit # enter 5 (I trust ultimately) # enter y (Really set this key to ultimate trust - Yes) – virullius Apr 12 '17 at 19:49 Here’s some that should work for you no matter what operating system you use, as long as you have a browser that supports JavaScript. and should have permissions 700. Once GnuPG is installed, you’ll need to generate your own GPG key pair, consisting of a private and public key. The process requires your private key, passphrase. Syntax: gpg --decrypt file $ gpg --decrypt test-file.asc You need a passphrase to unlock the secret key for user: "ramesh (testing demo key) " 2048-bit ELG-E key, ID 35C5BCDB, created 2010-01-02 (main key ID 90130E51) Enter passphrase: Above is only a partial answer. Use the following command: gpg --export-secret-keys A normal export with --export will not include any private keys, therefore you have to use --export-secret-keys.. Edit: to export a private key: gpg --export-secret-key -a "User Name" > private.key This will create a file called private.key with the ascii representation of the private key for User Name. Some notes on the format of the secret keys used with gpg-agent. I like to store mine on paper. Each person has a private key and a public key. To decrypt the file, they need their private key and your public key. private-keys-v1.d. $ gpg --output revoke_key.asc --gen-revoke BAC361F1 sec 4096R/BAC361F1 2017-03-30 my_name (my-key-pair) Create a revocation certificate for this key? These are binary files which contain your encrypted certificate (including the private key). To send a file securely, you encrypt it with your private key and the recipient’s public key. I store all my private keys in KeePass Password Safe 2.0, a free, open source, cross-platform and light-weight password management … This directory is named. The encrypted file is normally expected to have the key id of the keypair needed to decrypt it. Now that GnuPG is installed, you’ll need to generate your own GPG key pair, consisting of a private and public key…. Depending on whether you want to export a private OpenPGP or S/MIME key, the file ending .gpg (OpenPGP) or .p12 (S/MIME)will be selected by default. The file type is set automatically. It allows you to decrypt/encrypt your files and create signatures which are signed with your private key. It's pretty much like exporting a public key, but you have to override some default protections. I don't see a way to tell gpg which key to use, you can only tell it to try them all.