Importing PGP 2.x keys

Once the extensions are loaded it is straightforward to import a PGP 2.x key pair using the option import. There are two caveats, however.

• You must not export a private key from PGP 2.x as an ASCII-armored file. Because PGP 2.x predates the OpenPGP specification, the armored message header PGP 2.x uses is not compliant with OpenPGP. Because private key export is rare, GnuPG does not check for the case when the ASCII-armored message is a private key.

• GnuPG expects imported public keys to be self-signed by the corresponding private key. This is a prudent precaution, and both GnuPG and newer versions of PGP self-sign public keys when they are first created. This is not done by PGP 2.x, however. To solve this, you can first self-sign the public key before exporting it from PGP 2.x. Alternatively, you can use the option allow-non-selfsigned-uid to force GnuPG to take the key anyway. It is recommended that you self-sign the key either before exporting it or after you have imported it, though, since using a non-self-signed key is a security risk.

alice% pgp -kx alice public.pgp 
Pretty Good Privacy(tm) 2.6.2 - Public-key encryption for the masses. 
[...]
Extracting from key ring: '/u/alice/.pgp/pubring.pgp', userid "alice". 
Key for user ID: Alice <alice@cyb.org> 
1024-bit key, Key ID 24E2C409, created 1999/09/18

Key extracted to file 'public.pgp'. 

alice% pgp -kx alice private.pgp .pgp/secring.pgp
Pretty Good Privacy(tm) 2.6.2 - Public-key encryption for the masses.
[...] 

Extracting from key ring: '.pgp/secring.pgp', userid "alice".
Key for user ID: Alice <alice@cyb.org> 
1024-bit key, Key ID 24E2C409, created 1999/09/18 

Key extracted to file 'private.pgp'.

alice% gpg --import public.pgp
gpg: key 24E2C409: public key imported 
gpg: Total number processed: 1
gpg:               imported: 1  (RSA: 1) 

alice%gpg --import private.pgp 
gpg: key 24E2C409: secret key imported 
gpg: Total number processed: 1 
gpg:       secret keys read: 1 
gpg:   secret keys imported: 1