Note: Backup & restore keys

This is a personal note on how-to backup (and restore) personal keys which are not checked-in to SVC.

SSH keys

Simply copy the key pairs as-is to the new destination. By default, the keys are in ~/.ssh.

PGP keys

(Using GnuPG)

It is useful to do optional housekeeping and clean up keys first before the backup. gpg --list-secret-keys --keyid-format LONG shows all the keys available on the machine. In case the keys should be removed, see if it should be revoked first; then delete it using --delete-keys.

Then create backup of (i) private, (ii) public keys and (iii) owner trust database.

gpg --export --export-options backup --output public.gpg
gpg --export-secret-keys --export-options backup --output private.gpg
gpg --export-ownertrust > trust.gpg

At the destination, they can be imported as following.

gpg --import public.gpg
gpg --import private.gpg
gpg --import-ownertrust trust.gpg