Difference between revisions of "GPG"

Extending the expiry date on a GPG key

$ gpg --list-secret-keys
/home/simon/.gnupg/secring.gpg
-------------------------------
sec   2048R/97063FCD 2013-04-24 [expires: 2015-04-24]
uid                  Simon Amor <simon@leaky.org>
ssb   2048R/4EB9E134 2013-04-24

Edit the appropriate key id

$ gpg --edit-key 97063FCD

pub  2048R/97063FCD  created: 2013-04-24  expired: 2015-04-24  usage: SCEA
                     trust: unknown       validity: expired
sub  2048R/4EB9E134  created: 2013-04-24  expired: 2015-04-24  usage: SEA 
[ expired] (1). Simon Amor <simon@leaky.org>

Then extend the expiry date by 1 year.

gpg> expire
Changing expiration time for the primary key.
Please specify how long the key should be valid.
        0 = key does not expire
     <n>  = key expires in n days
     <n>w = key expires in n weeks
     <n>m = key expires in n months
     <n>y = key expires in n years
Key is valid for? (0) 1y
Key expires at Sat 23 Apr 14:49:23 2016 BST

gpg: WARNING: Your encryption subkey expires soon.
gpg: You may want to change its expiration date too.

Update the expiry date on the sub-key as well.

gpg> key 1
         
pub  2048R/97063FCD  created: 2013-04-24  expires: 2016-04-23  usage: SCEA
                    trust: unknown       validity: unknown
sub* 2048R/4EB9E134  created: 2013-04-24  expired: 2015-04-24  usage: SEA 
[ unknown] (1). Simon Amor <simon@leaky.org>

gpg> expire
Key is valid for? (0) 1y

Save the changes to the key.

gpg> save
You need a passphrase to unlock the secret key for
user: "Simon Amor <simon@leaky.org>"
2048-bit RSA key, ID 97063FCD, created 2013-04-24

Next push the key back out to the keyservers

$ gpg -v --keyserver pgp.mit.edu --send-keys 97063FCD
gpg: sending key 97063FCD to hkp server pgp.mit.edu