Verify that the file is from who I expect it to be from
dan.horne at redbone.co.nz
Mon Oct 30 03:00:35 CET 2017
Thanks. I exported my keys to ~/.gnupg/trustedkeys.gpg. I tried gpgv2 but
got the following
bash-3.2$ gpgv2 declaration.pgp
gpgv: verify signatures failed: Unexpected error
Adding --verbose did not affect this (Note this is a OpenCSW install)
However, if I simply decrypt the file I get confirmation of the signature
bash-3.2$ gpg2 --output declaration.txt --decrypt declaration.pgp
gpg: encrypted with 2048-bit RSA key, ID C0F7C32A, created 2017-10-26
"<my dummy key>"
gpg: Signature made Mon Oct 30 13:04:26 2017 NZDT using RSA key ID 0A5F3B0F
gpg: Good signature from "<third party dummy key>" [ultimate]
On 28 October 2017 at 00:20, Werner Koch <wk at gnupg.org> wrote:
> On Fri, 27 Oct 2017 06:01, dan.horne at redbone.co.nz said:
> > gpg2 --verify-sign <key-id> <filename>
> Verification against a set of known keys is done using gpgv
> gpgv FILE
> which uses ~/.gnupg/trustedkeys.gpg. To specifiy another file with keys
> you use
> gpgv --keyring KEYRING FILE
> here is how we do this when building GnUPG using the Speedo scripts:
> if ! $GPGV --keyring "$distsigkey" swdb.lst.sig swdb.lst; then
> echo "list of software versions is not valid!" >&2
> exit 1
> This is from gnupg/build-aux/getswdb.sh. To create the file with the
> keys you can do this:
> gpg --export --export-options export-minimal FPR1 FPR2 FPR2
> Do _not_ use --armor. --export-options is not really required but
> strips down the size of the key.
> @Rob: Shouldn't we mention gpgv in the FAQ?
> Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Gnupg-users