HOW TO: Manage PGP Keys using PGP Universal Satellite 2.x


Article ID: 180122


Updated On:


Symantec Products




This article describes how to manage PGP keys using PGP Universal Satellite 2.x. Managing PGP Keys includes creating, importing, and backing up PGP Keys.

After installing PGP Universal Satellite and rebooting your computer, a wizard will run allowing you to enroll with the PGP Universal Server. Depending on the settings configured on the PGP Universal Server, a key wizard may appear allowing you to select certain methods of managing your encryption keys locally (Client Key Mode) or remotely (Server Key Mode).

We strongly recommend that you let the PGP Universal Server manage your keys for you by selecting Managed Key. This will help you avoid data loss, as the server and not your local machine would manage the encryption keys.

However, if you wish to manage your own encryption keys, this document outlines the process of using the New Key option or Importing an existing key. As well, the final section describes how to backup your key.


Create a New Key 

This option allows you to generate a key pair that you can manage locally. You will need to remember your passphrase because the key is stored locally and does not have any passphrase recovery features.

PGP strongly recommends that you synchronize the private key with the PGP Universal Server. This way if you lose your key it can be recovered, provided you remember the passphrase.

Once the Key Setup Assistant appears during enrollment, follow these steps to create a key:


  1. In the PGP Messaging Key Setup Assistant, select New Key
  2. You will be prompted to enter a passphrase for this key. Enter the passphrase in both Passphrase: window and in the Confirmation: window. (You may select Show Keystrokes if you wish to see what you are typing)
  3. The next step in the wizard allows you to send an encrypted copy of the key to the PGP Universal Server. (We recommend that you allow this to happen.)
  4. The key will now be generated. Click Finish to close the wizard.

Import Key 

Choosing the Import Key option during the Key Setup Assistant is for advanced users who are already familiar with PGP Keys. To use this option, you need to have a key pair (public and private key) file to import. This file generally would be in ASCII format (e.g. keyname.asc).


  1. In the PGP Messaging Key Setup Assistant, select Import Key and click Next.
  2. Browse to the key file you wish to import and click Open.

Backup a Key 

You can open the PGP Universal Satellite program by clicking on the program icon in the system tray. There is also a program shortcut on the start-menu by default. Follow these steps to backup the key:


  1. In the PGP Universal Satellite program window select the PGP Universal Server in the servers list on the left.
  2. Click Export underneath the key name on the lower left.
  3. Make sure that the Include Private Key box is checked.
  4. Browse to the location where you wish to save the key.
  5. Type the name of the file that you wish to save in the File name: field, and then click Save.