I always set my GPG keys to expire after 1 year.
=> Why set an expiration date for a key?
This means that for all keys that I still want to use, I have to set a new expiration date every year. You can always set a new expiration date, even if a key has already expired. Here’s how.
Enter the key editor with “gpg --edit-key USER-ID”. USER-ID can be anything that uniquely identifies the key that you want to edit, for example its fingerprint.
=> Get the fingerprint of a key
Set a new expiration date for the primary key with “expire” after deselecting all subkeys. All subkeys are deselected by default. If you have selected a subkey, deselect all subkeys with “key 0”.
Set a new expiration date for a subkey with “expire” after selecting the subkey. Select a subkey with “key N”, where N is the subkey’s number. List all subkeys along with their numbers with “list”. Select all subkeys at once with “key *”.
Save all changes and exit the key editor with “save”. To discard all changes and exit the key editor, use “quit”.
You can also set the expiration date for a primary key and all its non-expired subkeys with “--quick-set-expire”. Consult the man page fore more information. I have never used this method. Once a subkey has expired, you have to go the long way anyway.
I like to export a key whenever I’ve changed it.
=> Export a key
EOF
text/gemini; lang=enThis content has been proxied by September (ba2dc).