Signing

GnuPG is used in this tip.

Non-interactive commands

Importing your key before signing

The private key will be imported in one GnuPG store and the public key in another store.

This will allow you to sign and verify the signature with isolated stores and thus be sure of the verification.

echo "your_password" | gpg --quiet --no-tty --batch --pinentry-mode loopback --passphrase-fd 0 \
   --homedir /home/me/gpg_sign --import private_subkey
gpg --quiet --no-tty --batch --pinentry-mode loopback \
   --homedir /home/me/gpg_verify --keyserver keys.openpgp.org --recv-keys the_fingerprint_of_your_master_key

Sign with a detached signature file

If you want to sign your_file:

echo "your_password" | gpg --quiet --no-tty --batch --pinentry-mode loopback --passphrase-fd 0 \
   --homedir /home/me/gpg_sign \
   --armor --detach-sign your_file

A your_file.asc will be created with the signature.

Sign

If you want to sign your_file:

echo "your_password" | gpg --quiet --no-tty --batch --pinentry-mode loopback --passphrase-fd 0 \
   --homedir /home/me/gpg_sign \
   --armor --clear-sign your_file

A your_file.asc will be created with the content of the file and the signature.

Check signature with a detached signature file

If you want to verify the signature of your_file with your_file.asc:

gpg --quiet --no-tty --batch --pinentry-mode loopback --passphrase-fd 0 \
   --homedir /home/me/gpg_verify \
   --verify your_file.asc your_file

Check signature

If you want to verify the file and the signature of your_file.asc:

gpg --quiet --no-tty --batch --pinentry-mode loopback --passphrase-fd 0 \
   --homedir /home/me/gpg_verify \
   --verify your_file.asc

Interactive commands

Importing your key before signing

The private key will be imported in one GnuPG store and the public key in another store.

This will allow you to sign and verify the signature with isolated stores and thus be sure of the verification.

gpg --homedir /home/me/gpg_sign --import private_subkey
gpg --homedir /home/me/gpg_verify --keyserver keys.openpgp.org --recv-keys the_fingerprint_of_your_master_key

Sign with a detached signature file

If you want to sign your_file:

gpg --homedir /home/me/gpg_sign --armor --detach-sign your_file

A your_file.asc will be created with the signature.

Sign

If you want to sign your_file:

gpg --homedir /home/me/gpg_sign --armor --clear-sign your_file

A your_file.asc will be created with the content of the file and the signature.

Check signature with a detached signature file

If you want to verify the signature of your_file with your_file.asc:

gpg --homedir /home/me/gpg_verify --verify your_file.asc your_file

Check signature

If you want to verify the file and the signature of your_file.asc:

gpg --homedir /home/me/gpg_verify --verify your_file.asc