Unix/Linux Go Back    


NetBSD 6.1.5 - man page for netpgpverify (netbsd section 1)

Linux & Unix Commands - Search Man Pages
Man Page or Keyword Search:   man
Select Man Page Set:       apropos Keyword Search (sections above)


NETPGPVERIFY(1) 		   BSD General Commands Manual			  NETPGPVERIFY(1)

NAME
     netpgpverify -- standalone program for digital signature verification

SYNOPSIS
     netpgpverify --verify [--output=filename] [options] file ...

		  where the options for all commands are:

		  [--coredumps]
		  [--homedir=home-directory]
		  [--keyring=keyring]
		  [--userid=userid]
		  [--verbose]

DESCRIPTION
     The netpgpverify complements the netpgp(1) program, and duplicates its verification func-
     tionality in a single standalone program.	The reason for this duplication is simply because
     verification of digital signatures is such a common operation that a single, much smaller,
     standalone program can be used.

     The following commands are used to verify signatures:

     --coredumps   In normal processing, if an error occurs, the contents of memory are saved to
		   disk, and can be read using tools to analyse behaviour.  Unfortunately this
		   can disclose information to people viewing the core dump, such as secret keys,
		   and passphrases protecting those keys.  In normal operation, netpgpverify will
		   turn off the ability to save core dumps on persistent storage, but selecting
		   this option will allow core dumps to be written to disk.  This option should
		   be used wisely, and any core dumps should be deleted in a secure manner when
		   no longer needed.

     --homedir home-directory
		   Keyrings are normally located, for historical reasons, within the user's home
		   directory in a subdirectory called ``.gnupg'' and this option specifies an
		   alternative location in which to find that sub-directory.

     --keyring keyring
		   This option specifies an alternative keyring to be used.  All keyring opera-
		   tions will be relative to this alternative keyring.

     --output	   specifies a filename to which verified output from a signed file may be redi-
		   rected.  The default is to send the verified output to stdout, and this may
		   also be specified using the ``-'' value.

     --verbose	   This option can be used to view information during the process of the
		   netpgpverify requests.

SIGNING AND VERIFICATION
     Verification of a file's signature is best viewed using the following example:

     % netpgp --sign --userid=agc@netbsd.org a
     signature	2048/RSA (Encrypt or Sign) 1b68dcfcc0596823 2004-01-12
     Key fingerprint: d415 9deb 336d e4cc cdfa 00cd 1b68 dcfc c059 6823
     uid	      Alistair Crooks <alistair@hockley-crooks.com>
     uid	      Alistair Crooks <agc@pkgsrc.org>
     uid	      Alistair Crooks <agc@netbsd.org>
     uid	      Alistair Crooks <agc@alistaircrooks.com>
     uid	      Alistair Crooks (Yahoo!) <agcrooks@yahoo-inc.com>
     encryption 2048/RSA (Encrypt or Sign) 79deb61e488eee74 2004-01-12
     netpgp passphrase:
     % netpgpverify a.gpg
     Good signature for a.gpg made Thu Jan 29 03:06:00 2009
     using RSA (Encrypt or Sign) key 1B68DCFCC0596823
     signature	2048/RSA (Encrypt or Sign) 1b68dcfcc0596823 2004-01-12
     Key fingerprint: d415 9deb 336d e4cc cdfa 00cd 1b68 dcfc c059 6823
     uid	      Alistair Crooks <alistair@hockley-crooks.com>
     uid	      Alistair Crooks <agc@pkgsrc.org>
     uid	      Alistair Crooks <agc@netbsd.org>
     uid	      Alistair Crooks <agc@alistaircrooks.com>
     uid	      Alistair Crooks (Yahoo!) <agcrooks@yahoo-inc.com>
     encryption 2048/RSA (Encrypt or Sign) 79deb61e488eee74 2004-01-12
     %

     In the example above, a signature is made on a single file called ``a'' using a user iden-
     tity corresponding to ``agc@netbsd.org'' and using the netpgp(1) program.	The key located
     for the user identity is displayed, and the user is prompted to type in their passphrase.
     The resulting file, called ``a.gpg'' is placed in the same directory.  The second part of
     the example shows a verification using netpgpverify of the signed file taking place.  The
     time and user identity of the signatory is displayed, followed by a fuller description of
     the public key of the signatory.  In both cases, the exit value from the utility was a suc-
     cessful one.

EXIT STATUS
     The netpgpverify utility will return 0 for success, 1 if the file's signature does not match
     what was expected, or 2 if any other error occurs.

SEE ALSO
     netpgp(1), libnetpgp(3), ssl(3), zlib(3)

STANDARDS
     The netpgpverify utility is designed to conform to IETF RFC 4880.

HISTORY
     The netpgpverify command first appeared in NetBSD 6.0.

AUTHORS
     Ben Laurie, Rachel Willmer, and was overhauled and rewritten by Alistair Crooks
     <agc@NetBSD.org>.	This manual page was written by Alistair Crooks.

BSD					November 10, 2010				      BSD
Unix & Linux Commands & Man Pages : ©2000 - 2018 Unix and Linux Forums


All times are GMT -4. The time now is 02:04 PM.