Importing a Public Key

The other end of key exchange — importing other people's public keys to your keyring — is just as simple as exporting keys. When you import someone's public key, you can decrypt their mail and check their digital signature against their public key on your keyring.

One of the easiest ways to import a key is to download the key or save it from a website. To learn how to import Red Hat's key, refer to the Section called Importing Keys in Chapter 25.

After downloading a key, use the command gpg --import key.asc to add it to your keyring.

Another way to save a key is to use a browser's Save As feature. If you are using a browser such as Navigator, and you locate a key at a keyserver, you can save the page as a text file (go to File => Save As). In the drop-down box next to Format for saved document, choose Text. Then, you can import the key — but remember the name of the file you saved. For example, if you saved a key as a text file called newkey.txt, to import the file, at a shell prompt, type the following command:

gpg --import newkey.txt

The output will look similar to the following:

gpg: key F78FFE84: public key imported
gpg: Total number processed: 1
gpg:               imported: 1

To check that the process was successful, use the gpg --list-keys command; you should see your newly imported key listed on your keyring.