How to verify a detached signature
gpg2.20.maniams at dfgh.net
gpg2.20.maniams at dfgh.net
Mon Jun 15 14:26:59 CEST 2009
On Sun, Jun 14, 2009 at 12:57 AM, Charly Avital - shavital at mac.com wrote:
> gpg2.20.maniams at dfgh.net wrote the following on 6/13/09 12:36 AM:
> [...]
>
>
> > 1. How do I find out if a signature file _is_ PGP / GPG compliant
> >
> > 2. Presently I use GPG command line version. With that how do I verify
> > that the original HTML file is not tampered with. A command or set of
> > commands would be most appreciated
> >
> > _Other details : _
> > 3. This sender has so far sent me multiple files with signatures. The
> > data files are named "filename_dd_mm_yy.html" and the signature is
> > always called signature.bin (no date of no identifiable marks). All data
> > files are only signed and not encrypted
>
> try:
>
> gpg --verify [path to]signature.bin [path to]filename[return]
>
> Good luck,
> Charly
>
Thanks for the response. I did try. But GPG cannot verify this file. I get
the following answer
gpg: no valid OpenPGP data found.
gpg: the signature could not be verified.
Please remember that the signature file (.sig or .asc)
should be the first file given on the command line.
*Probably *one of the following two is happening
1. This signature is NOT GPG compliant
2. Probably this signature is GPG / PGP compliant but GPG is unable to
recognise this as a GPG signature
So back to my original question
1. How do I find out if a signature file _is_ PGP / GPG compliant
&
1.a. Will changing the extension help ?
regards
maniams
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20090615/51870688/attachment-0001.htm>
More information about the Gnupg-users
mailing list