Pretty Good Privacy with keybase.io

Published by Marco on

I used PGP back in the 90’s just because it was possible. The internet was growing and my friends and I liked to experiment in those days with all that we found on the internet. PGP was one of those things. We had great fun back then but never used it again the following decades.

But a few days ago I saw a talk from Mike Godwin about privacy on the internet. He pointed out https://www.keybase.io/ in his talk as a start to set up PGP and ways to communicate with him.

I got curious again about PGP and Keybase.io and I had no trouble at all to quickly setup an account and a PGP key pair with these guys. They have nice low-level tooling to encrypt and decrypt messages on their website.

What I wanted again was a way to have my email encrypted, like I had back then in the 90’s when my friends and I played around with it. I found a great tutorial on the internet from the Electronic Frontier Foundation on how to het PGP setup on a MAC.

It is setup with Thunderbird Mail Client and within this tutorial they let you generate a PGP key pair with GnuPG. Which will do the job but I wanted to set it up with my Keybase.io key pair. I needed to export my Keybase.io key pair to the GnuPG keychain.

Reading the docs at their site, I found out that I could pull my Keybase.io Key to GnuPG keychain by the following command.

keybase pgp pull-private –all


But this gave me the following error

▶ ERROR .keys doesn’t exist

Error that .keys does not exist

Just following this workaround to fix it.

Make sure that in the linked device to your keybase.io account the option “Forbid account changes from the website” is disabled in the advanced settings. By disabling this option more possibles are enabled on the keybase.io site. One of them is to export your private key.

After you have disabled this option on your device, go to the website of keybase.io and visit your profile page. And find an “edit” link behind the signature of the public key. Select the edit link and you get the option to export your private key.

Exporting your private key

Copy the key and save it to your desktop. Use the following command to import the private key to the GnuPG keychain. Where “Private_Key.asc” holds your private key.

gpg2 –allow-secret-key-import –import Private_Key.asc

Also save your public key to your desktop. And import this one with the following command. Where “Public_Key.asc” holds your public key.

gpg2 –import Public_Key.asc

This serie of actions will replace the generation of a PGP key pair with GnuPG and import your keybase.io key pair.

DON’T FORGET TO DELETE YOUR PRIVATE KEY FROM YOUR DESKTOP.

Make sure it’s cleaned up!

Now finish the thunderbird tutorial from EFF with the keybase.io key pair. And you have a PGP mailclient setup with keybase.io. There is also a nice integration possible with the MacOS MAIL.APP with https://gpgtools.org but this requires a paid license. Whatever suites your needs.

Ok I hope this helps you.

Find me here on keybase.io and if you like to send me a PGP encrypted email, here is my public key. But this one can also be found on keybase.io.

Oh and don’t forget to send me your public key or your keybase.io profile page so I can download your public key if you shared it. If you want a message back of course ;-).

Use the following command pull in my public key in your GnuPG keychain. And a follow on keybase.io.

curl https://keybase.io/marc0janssen/pgp_keys.asc | gpg2 –import

keybase follow marc0janssen


Thanks for reading!


Leave a Reply

Your email address will not be published. Required fields are marked *