Verify that the file is from who I expect it to be from

Robert J. Hansen rjh at
Fri Oct 27 04:06:49 CEST 2017

> maybe I'm missing something, but how do I verify not only that an
> encrypted file is signed, but that it is signed by the party I expect to
> have signed it?

Look for output like:

Signature made 10/26/17 22:01:37 Eastern Daylight Time
               using RSA key CC11BE7CBBED77B120F37B011DCBDC01B44427C7
Good signature from "Robert J. Hansen <rjh at>" [ultimate]
                aka "Robert J. Hansen <rob at>" [ultimate]
                aka "Robert J. Hansen <rob at>"

See that line reading "Good signature"?  That's what you're looking for.
 Hope this helps.  :)

More information about the Gnupg-users mailing list