-# find the key fingerprint of the newly converted key
-fingerprint=$(fingerprint_host_key)
-
-# export public key to file
-log debug "exporting openpgp public key..."
-gpg_host --export-options export-minimal --armor --export "0x${fingerprint}!" > "${MHDATADIR}/ssh_host_rsa_key.pub.gpg"
-log info "SSH host public key in OpenPGP form: ${MHDATADIR}/ssh_host_rsa_key.pub.gpg"
+# create host home
+mkdir -p "${MHDATADIR}"
+mkdir -p "${GNUPGHOME_HOST}"
+chmod 700 "${GNUPGHOME_HOST}"
+
+# import pem-encoded key to an OpenPGP private key
+if [ "$keyFile" = '-' ] ; then
+ log verbose "importing key from stdin..."
+ PEM2OPENPGP_USAGE_FLAGS=authenticate pem2openpgp "$serviceName" \
+ | gpg_host --import
+else
+ log verbose "importing key from file '$keyFile'..."
+ PEM2OPENPGP_USAGE_FLAGS=authenticate pem2openpgp "$serviceName" \
+ <"$keyFile" \
+ | gpg_host --import
+fi
+
+# export to OpenPGP public key to file
+update_pgp_pub_file
+
+log info "host key imported:"