signing and encrypting newbie question

Neil Williams linux at
Fri Jan 14 17:14:29 CET 2005

On Friday 14 January 2005 2:14 pm, Mark Ivs wrote:
> Hello,
> I am a very new to PGP. So please bare with my
> question if it is really simple.

> For just encryption this is what I tried(it works):
> gpg --recipient "XXX" --output $rootpath\\$filepgp
> --encrypt $rootpath\\encrypted\\$file`;

You can use one operation, just add -s :
gpg -asr 8F455606 -e qof-test.c
(I usually use -a as well - I encrypt mostly text files.)
When decrypted, this will print the validity of the signature at the end of 
the output. You can separate the two when decrypting:
gpg --decrypt qof-test.c.asc > qof-test.c

The file will be created and the signature validity displayed.

More commonly, use two operations. Encrypt the file, then sign the encrypted 
file using

gpg -ab

-a outputs the signature in ASCII text
-b creates a detached signature.

You'll then have two files to send up.

$ gpg -r 8F455606 -e qof-test.c
$ gpg -ab qof-test.c.gpg
$ ls -l qof*
-rw-r--r--  1 neil neil 2699 2005-01-14 16:01 qof-test.c
-rw-r--r--  1 neil neil 1743 2005-01-14 16:02 qof-test.c.gpg
-rw-r--r--  1 neil neil  189 2005-01-14 16:02 qof-test.c.gpg.asc


The .asc file is the signature, typically it's 189 bytes.

You don't need to sign keys to verify the signature. Just download both files 
into the same directory and use:

$ gpg --verify qof-test.c.gpg.asc
gpg: Signature made Fri 14 Jan 2005 16:02:57 GMT using DSA key ID 28BCB3E3
gpg: Good signature from "Neil Williams (CodeHelp) <linux at>"

GnuPG will assume that qof-test.c.gpg is the file that has been signed.

Once the signature is verified, the file can be decrypted:

$ gpg --decrypt qof-test.c.gpg


Neil Williams

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : /pipermail/attachments/20050114/23fc18d2/attachment.pgp

More information about the Gnupg-users mailing list