Expand/modify man explanation on exporting keys
Closed, Resolved (Public)

Description

The documentation on how to export keys on the gpg man page could be more clear.
As an example, the "export secret keys" option (--export-secret-keys) is blank;
this could lead the gpg newcomer to frustrating results (i.e. invoking the
command without --output and --armor).

Attached, a reworded/expanded explanation for --export, --export-secret-keys
and --export-secret-subkeys

Gpg version: 1.4.12

Details

Version
1.4.12

Event Timeline

f-a set Version to 1.4.12.
f-a added a subscriber: f-a.

I improved the description in GIT master. This will be used for all
new releases. For 2.1 it reads:

     --export-secret-keys
     --export-secret-subkeys

              Same as --export, but exports the secret keys instead.
              The exported keys are written to STDOUT or to the file
              given with option --output.  This command is often used
              along with the option --armor to allow easy printing of
              the key for paper backup; however the external tool
              paperkey does a better job for creating backups on
              paper.  Note that exporting a secret key can be a
              security risk if the exported keys are sent over an
              insecure channel.

              The second form of the command has the special property
              to render the secret part of the primary key useless;
              this is a GNU extension to OpenPGP and other
              implementations can not be expected to successfully
              import such a key.  Its intended use is to generate a
              full key with an additional signing subkey on a
              dedicated machine and then using this command to export
              the key without the primary key to the main machine.

              GnuPG may ask you to enter the passphrase for the key.
              This is required because the internal protection method
              of the secret key is different from the one specified
              in the OpenPGP protocol.

Thanks

werner claimed this task.