Backup or transfer your keys

You don't want to loose your keys. But it still can happen - just think of drive failures or physical damage to your computer in the unlikely case of a fire or whatever other disasters may strike. We highly encourage users to create a backup of their keys and keep that in a save place.

  1. Backup single key
  2. Backup all keys
  3. Backup gnupg folder
  4. Transfer keys to another computer
  5. Recover gnupg folder from machine backup

1. Backup single key

  1. open GPG Keychain
  2. select the key you want to backup
  3. click "Export" in the toolbar
  4. the filename is the KeyID of your key (can be adjusted if you like)
  5. to include the secret key, activate "Allow secret key export" (only do this if you need to transfer your key to another computer, never email your sec key anywhere)
  6. after clicking "Save" you'll find a file that looks like 123456789KeyID.asc

Step 3


Step 4 & 5


2. Backup all keys

  • open GPG Keychain
  • select the keys you want to backup or hit cmd + A to select all keys


  • click "Export" in the Toolbar or right-click and select Export or use the menu File > Export


  • enter a name like "BackupKeys Year-Month-Day"
  • if you want to also include the sec keys, make sure to tick the "Allow secret key export" option

3. Backup gnupg folder

  1. open
  2. copy paste the following command: cp -R ~/.gnupg/ ~/gnupg_backup and press enter

A folder called gnupg_backup has been created in your user folder.

4. Transfer keys to another computer

You can use any of the above methods for this. On the new machine you need to import the exported files with GPG Keychain. After that all your keys should show up. Double check that all sec / pub keys were correctly transferred before deleting the backup and the source files on the first machine.

The validity of sec/pub keys will be set to "Unkown" after any import. It doesn't matter that the validity maybe was "Ultimate" before you exported the keys. To change the validity of your sec/pub key, double click it and select the wanted validity in the key inspector.

Important: Never use email or cloud services to transfer secret keys. Also transfer of all your public keys is not recommended using those two methods. Instead use a USB-drive.

5. Recover gnupg folder from backup

When you need to find the .gnupg folder on a backup you have on an external drive, it is normally located at 'Macintosh HD/Users/YourUsername/.gnupg'. .gnupg is a hidden folder. In order to show hidden files

  1. open
  2. paste defaults write AppleShowAllFiles YES and press enter
  3. then paste killall Finder and press enter

To unshow hidden files, repeat steps with NO instead of YES.

To recover your keys from a time machine backup

  1. time machine safes data into a folder called 'Backups.backupdb'
  2. search for a folder called 'YourCompuername' containing sub-folders with date and a folder called 'latest'
  3. the file structure in the 'latest' folder is similar to the one on your mac hard-drive: Macintosh HD/Users/YourUsername/.gnupg. To view the .gnupg folder, ensure to show hidden files.