How to use PGP private key with K-9 Mail on Android 4.x

1

Where do I copy which file from my OpenPGP installation on Ubuntu 14.04 on my Android 4.0 device to be able to import it into APG which is the en-/decryption provider I use in the K-9 Mail client?

Karl Richter

Posted 2014-05-24T13:17:00.537

Reputation: 1 641

Do you use gnupg on Ubuntu? – Diti – 2014-05-24T13:43:23.833

Yes, version 1.4.16-1ubuntu2 – Karl Richter – 2014-05-24T17:03:28.833

Answers

0

On Ubuntu, search for your private key:

gpg --list-secret-keys

Once you know its ID (let's say it is 0000111122223333), export it to a file:

gpg --export-secret-keys --armor 0000111122223333 > private-key.asc

Find a way to securely transfer this secret key onto your Android device. You can then import the secret key in APG/OpenKeychain from the file you transferred.

Diti

Posted 2014-05-24T13:17:00.537

Reputation: 288

"Find a way to securely transfer this secret key onto your Android device."

Well aye, there's the rub. Any recommendations on how to do this? Many use Dropbox to transfer files to Android, which you probably don't want to do with your secret key (and email, etc. are similarly problematic). – npdoty – 2014-09-29T20:24:34.133

@npdoty While your key won't ever be secure on a Company-controlled device (e.g. iPhone, stock Android, Windows phones), you can certainly safely get it there by using a simple USB cord. – Raphael – 2015-01-21T19:30:01.307

I did it like this, the key imports fine (contact is shown with public and private key both) but it is apparently not properly registered as "my key"; I can not sign stuff. – Raphael – 2015-01-21T19:30:50.447

Thanks! Just to make sure... This would export both the private key and the public key to the .asc file and APG or another provider will (probably) recognize them correctly (i.e. it is (usually) not possible that the public key is confused with the private) and I can start signing mails like on the host where I exported the keys? Can I delete private-key.asc on both export and import host/device? – Karl Richter – 2014-05-24T17:30:23.433

Actually, this procedure exports only the private key. You should also get your public key back from online keyservers (or --export the key, which means only its public key part). And yes, thanks to the ASCII armor, your keys are likely to be recognized by other OpenPGP-compliant software like APG. – Diti – 2014-05-24T17:34:31.117

How can I recognize the key among others with the exact same details (mail addresses and names) which I already transferred using the same procedure on the import device (I initially created two keys and uploaded both on the same or different servers)? – Karl Richter – 2014-05-24T18:07:49.483

@KarlRichter I'm not sure what you mean, but OpenPGP keys can be distinguished with their ID (or, better, their fingerprint). When you run gpg --list-secret-keys, one of the first lines of output is something like sec 4096R/22223333 1970-01-01; 4096R means the key(pair) is 4096-bit RSA, and the part after the slash is the identifier of the key. That's how you may identify a key on different devices. – Diti – 2014-05-24T18:46:46.777

In both APG and OpenKeychain (on Android) the sequence of 655367 bit blocks is not the same as on the Ubuntu host, but one can identify the keys with this knowledge. – Karl Richter – 2014-05-24T19:37:53.460
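
The comments above come down to telling apart secret keys that share the same name and address, and matching a fingerprint that the phone app displays in differently grouped blocks. The following is an added example, not part of the original thread: it reads the machine-readable listing from `gpg --list-secret-keys --with-colons --fingerprint` and compares fingerprints regardless of spacing or case. The function names are hypothetical and the sample listing is constructed.

```shell
#!/bin/sh
# Added example, not from the original thread. Function names are hypothetical.
# Usage: gpg --list-secret-keys --with-colons --fingerprint | secret_key_fingerprints
# Prints one line per secret key: FINGERPRINT|BITS|USER ID

secret_key_fingerprints() {
    awk -F: '
        function emit() { if (have) print fpr "|" bits "|" uid }
        # A "sec" record starts a new secret key; GnuPG 1.4 carries the user ID in field 10.
        $1 == "sec" { emit(); have = 1; in_subkey = 0; fpr = ""; bits = $3; uid = $10 }
        # "fpr" records that follow an "ssb" record describe a subkey, not the primary key.
        $1 == "ssb" { in_subkey = 1 }
        $1 == "fpr" && have && !in_subkey && fpr == "" { fpr = $10 }
        # GnuPG 2.x reports user IDs in separate "uid" records; keep the first one.
        $1 == "uid" && have && uid == "" { uid = $10 }
        END { emit() }
    '
}

# Strip spaces, colons and newlines and upper-case the hex digits, so that a
# fingerprint copied from a phone screen compares equal to the desktop one.
normalize_fpr() {
    printf '%s' "$1" | tr -d ' :\n' | tr 'a-f' 'A-F'
}

# Exit status 0 only when both arguments are the same fingerprint.
same_fingerprint() {
    [ "$(normalize_fpr "$1")" = "$(normalize_fpr "$2")" ]
}

# Constructed sample: two secret keys with identical user IDs.
sample_listing() {
    cat <<'EOF'
sec::4096:1:0000111122223333:2014-05-01::::Example User <user@example.org>:::
fpr:::::::::AAAABBBBCCCCDDDDEEEEFFFF0000111122223333:
ssb::4096:1:4444555566667777:2014-05-01:::::::
fpr:::::::::0123456789ABCDEF0123456789ABCDEF01234567:
sec::4096:1:7777888899990000:2014-05-02::::Example User <user@example.org>:::
fpr:::::::::1111222233334444555566667777888899990000:
EOF
}

# Demo on the constructed listing.
sample_listing | secret_key_fingerprints
```

Compare the full fingerprint shown on the device with the matching line here using `same_fingerprint`; the short 8-digit ID alone is a weaker check.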