Can you extend the expiration date of an already expired GPG key


Lets say I add an expiration date to a GPG/PGP key, then for some reason am unable to extend the expiration date of the key before its time is up.

Assuming I still have access to the private key (and the public key has only expired, not been revoked) can I still renew it?

Best Answer

Yes, you can renew it at any time. Here's how to do it:

gpg --list-keys
gpg --edit-key (key id)

Now you're in the gpg console. (By default, you're working on the primary key.) If you need to update a sub-key:

gpg> key 1

Now you can set the expiration for the selected key:

gpg> expire
(follow prompts)
gpg> save

Now that you've updated your key, you can send it out:

gpg --keyserver --send-keys (key id)

And, yes, having an expiration date for your keys is a very good idea. You should never really have a key with no expiration date. If it's compromised, it could be used forever.

Related Question