[pgpony] $ download
// guide / import-gnupg-key-to-phone

How to import a GnuPG key into PGPony.

You already have a working PGP identity in GnuPG on your laptop. This guide moves it to your phone — same fingerprint, same User IDs, same subkey structure. About five minutes.

~5 minutes Desktop GnuPG required iOS / Android
// at a glance
  1. List GnuPG keys, pick the one to move
  2. Export secret key as ASCII armored
  3. Transfer the file to your phone
  4. Import into PGPony
  5. Enter passphrase
  6. Verify fingerprint matches
  7. Delete the transfer file
Prerequisites
  • A working GnuPG installation on your desktop (Linux, macOS via GPG Suite, or Windows with Gpg4win)
  • An existing PGP secret key in your gpg keyring
  • The passphrase that unlocks that key
  • A file-transfer mechanism between your computer and phone
  • PGPony installed on the phone
// step 01

Identify the key to export.

On your desktop, list your secret keys: 

gpg --list-secret-keys --keyid-format=long

Find the key you want to move to mobile. Note its email address or the long key ID (16-hex identifier on the sec line).

// step 02

Export the secret key.

Run: 

gpg --export-secret-keys --armor your@email.com > mykey.asc

Replace your@email.com with your address (or long key ID). The --armor flag produces ASCII text rather than binary; --export-secret-keys includes the private material PGPony needs.

Note The exported file is protected by your existing passphrase via OpenPGP\'s S2K-protected secret key block. An attacker with the file still needs the passphrase to do anything with it. Treat it as sensitive anyway.
// step 03

Transfer to your phone.

Move mykey.asc to your phone using an encrypted channel:

  • iPhone: AirDrop from a Mac, or the Files app via encrypted iCloud share.
  • Android: USB cable into a file manager, encrypted messenger to yourself, or trusted encrypted cloud sync.

Avoid sending as a plain email attachment — even though the file is passphrase-protected, it shouldn\'t sit in your mail provider\'s servers indefinitely.

// step 04

Import into PGPony.

Open mykey.asc from Files (iOS) or your file manager (Android). Two routes work:

  • OS share action. Tap the share icon on the file — PGPony appears as a target for OpenPGP key blocks.
  • From inside PGPony. Open the Keyring tab, tap +Import Key. Use the Import Method picker to choose Choose Key File (supports .asc, .gpg, .pgp, .key) and select your file. Or tap Paste from Clipboard if you have the armored block on your clipboard.

Both routes reach the same import flow with a preview before committing.

// step 05

Enter the passphrase.

PGPony detects the OpenPGP key block, recognizes that it contains protected secret material, and prompts for the passphrase. This is the same passphrase you use with gpg — PGPony doesn\'t change or reset it during import.

After verification, PGPony re-encrypts the secret material into its on-device storage (iOS Keychain or Android Keystore), gated by the same passphrase plus any biometric you configure.

// step 06

Verify fingerprints match.

Open the imported key in PGPony and compare its fingerprint against the desktop: 

gpg --fingerprint your@email.com

Both should show the exact same 40-hex-character string. A mismatch means the export or import got the wrong key — repeat with a freshly exported file.

Why this matters Matching fingerprints mean PGPony now holds the same key gpg has. Encryptions, decryptions, and signatures produce equivalent OpenPGP output on either device.
// step 07

Securely delete the transfer file.

Delete mykey.asc from both devices once the import is verified. On macOS, drag to trash + empty. On Linux: shred -u mykey.asc. On Android, delete from Files and empty trash. On iOS, delete from Files and empty recently deleted.

The key now lives in two places: GnuPG (desktop) and PGPony (phone). The intermediate file has served its purpose.

Verify it worked.

  • PGPony\'s keyring shows the imported key with the same name, email, and fingerprint as gpg on desktop.
  • The key is recognized as a private key (you control the secret material).
  • Encrypt a test message in PGPony and decrypt it on desktop with gpg — and vice versa. Both directions should round-trip cleanly.

Common questions.

Will the fingerprint stay the same?

Yes. Fingerprints derive from the key material, not the software. gpg --fingerprint output matches exactly what PGPony shows after import.

Export the whole keyring or just one key?

Just one key. Specify an email or key ID with --export-secret-keys. Whole-keyring exports put every secret key in one file — larger blast radius if intercepted.

Why ASCII armored?

Text format — easier to inspect, copy-paste, and survives transit through systems that mangle binary. Binary works but offers no advantage here.

Can I still use the key in gpg after?

Yes. Both apps hold a copy of the same key. Sign on the laptop, decrypt on the phone, encrypt on either. No "ownership transfer" required.

What about subkeys?

--export-secret-keys includes all subkeys. PGPony imports the full structure intact: primary, signing subkey, encryption subkey, with roles and expirations preserved.

Is it safe to email the export?

Only with an encrypted channel. The .asc is passphrase-protected, but shouldn\'t persist in mail provider servers. AirDrop, USB, or end-to-end encrypted messaging are better.

Next steps.

Hygiene

Back up your private key
Use

Send an encrypted email
Security

Set up biometric lock
Compare

PGPony vs GPG Suite

Get PGPony

Free OpenPGP encryption for iOS and Android. No accounts, no tracking.

Download on the App Store
Get it on Google Play