December 8, 2022

Change the expiration date (time) of a gpg subkey

In the shell, run:

$ gpg --list-keys

to print a list of all the keys if you don’t know the [key ID] of the key you want to change. [key ID] can be the full email address, part of the email address, part of the name.

Once you know the [key ID], run:

$ gpg --edit-key [key ID]

In your shell (the terminal) you should see a prompt:

gpg>

then:

gpg> key n

where n is the subkey’s index. For instance, if the subkey whose expiration time you want to extend is the first listed subkey, or if it is the only listed subkey, then the command would be:

gpg> key 1

You should see details of the subkey you seek to change with an asterix appened to ssb i.e. ssb*.

To change the expiration time, run:

gpg> expire

Follow the instruction to set the duration you want (i.e. time until the next expiration date). For example, if you want the key to expire in 6 months type: 6m.

Type save’:

gpg> save

You are done. You can check the subkey expiration date by running:

$ gpg -k [key ID]

Further information from GnuPG’s manual:

--edit-key

Present a menu which enables you to do most of the key management related tasks. It expects the specification of a key on the command line.

key n

Toggle selection of subkey with index n or key ID n. Use * to select all and 0 to deselect all

expire

Change the key or subkey expiration time. If a subkey is selected, the expiration time of this subkey will be changed. With no selec- tion, the key expiration of the primary key is changed.

To display the manual in your terminal run:

$ man gpg

Sources: man gpg, https://lists.gnupg.org/pipermail/gnupg-users/2005-June/026063.html, https://sites.lafayette.edu/newquisk/archives/504.


gnu linux gpg personal computing command-line interface (cli)

No affiliates, No (Google) Analytics. © 2016-2023 yctct.com. Content is licensed under CC BY-NC-SA 4.0 .