This article details how to import a lost or missing PGP key to PGP Desktop in a PGP Universal Server managed environment. This functionality is only available for users with a GKM key. Guarded Key Mode (GKM) allows users to be able to generate and manage their own keys, and maintain encrypted copies of users private keys stored on the PGP Universal Server.
Because the PGP Universal Server stores a copy of a GKM key, a user can download a new copy whenever needed. If the user loses their key (due, for example, to a hard disk failure or theft of the computer), they can download the backed-up copy of their key from PGP Universal Server, and continue to use it as before.
The GKM key stored by PGP Universal Server is encrypted using the user's passphrase. If the user has forgotten the passphrase, or is not available to provide the passphrase, it is not possible to recover the encryption key.
Export GKM Key
- Open the PGP Universal Server administrative interface.
- Click the Users card then select Internal.
- Search and click the Name of the user.
- Click the PGP Keys tab and confirm the Mode is GKM.
- Click the down arrow icon below Options. The Export Key dialog is displayed.
- Select the Export Keypair radio button, then click the Export button. The keypair is exported as a .asc file.
- Click Save.
- Specify a location for file and click Save.
Import a key to PGP Desktop
- Copy the .asc file to the client system.
- Browse to and double-click the file.
- Click Import button when the Select key(s) dialog is displayed.
- Click OK.
- Open PGP Desktop and select the PGP Keys Control box.
- Double-click the imported key. The key properties are displayed.
- Click Trust and change the option from None to Implicit.
- Close the key properties. Your key now displays a green check in the Verified column.