Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages


home | help
GPGV(1)			     GNU Privacy Guard 1.4		       GPGV(1)

       gpgv - Verify OpenPGP signatures

       gpgv [options] signed_files

       gpgv is an OpenPGP signature verification tool.

       This  program  is actually a stripped-down version of gpg which is only
       able to check signatures. It is somewhat	smaller	than  the  fully-blown
       gpg  and	 uses  a  different (and simpler) way to check that the	public
       keys used to make the signature are valid. There	are  no	 configuration
       files and only a	few options are	implemented.

       gpgv  assumes  that all keys in the keyring are trustworthy.  That does
       also mean that it does not check	for expired or revoked keys.

       By default a keyring named `trustedkeys.gpg'  is	 used.	 This  default
       keyring is assumed to be	in the home directory of GnuPG,	either the de-
       fault home directory or the one set by  an  option  or  an  environment
       variable.   The	option	--keyring  may	be used	to specify a different
       keyring or even multiple	keyrings.

       The program returns 0 if	everything is fine, 1 if at least  one	signa-
       ture was	bad, and other error codes for fatal errors.

       gpgv recognizes these options:


       -v     Gives more information during processing.	If used	twice, the in-
	      put data is listed in detail.


       -q     Try to be	as quiet as possible.

       --keyring file
	      Add file to the list of keyrings.	 If file begins	with  a	 tilde
	      and  a  slash,  these are	replaced by the	HOME directory.	If the
	      filename does not	contain	a slash, it is assumed to  be  in  the
	      home-directory ("~/.gnupg" if --homedir is not used).

       --status-fd n
	      Write  special status strings to the file	descriptor n.  See the
	      file DETAILS in the documentation	for a listing of them.

       --logger-fd n
	      Write log	output to file descriptor n and	not to stderr.

	      GnuPG normally checks that the timestamps	associated  with  keys
	      and  signatures have plausible values. However, sometimes	a sig-
	      nature seems to be older than the	key  due  to  clock  problems.
	      This option turns	these checks into warnings.

       --homedir dir
	      Set the name of the home directory to dir. If this option	is not
	      used, the	home directory defaults	to  `~/.gnupg'.	  It  is  only
	      recognized  when	given  on the command line.  It	also overrides
	      any home	directory  stated  through  the	 environment  variable
	      `GNUPGHOME' or (on Windows systems) by means of the Registry en-
	      try HKCU\Software\GNU\GnuPG:HomeDir.

	      On Windows systems it is possible	to install GnuPG as a portable
	      application.  In this case only this command line	option is con-
	      sidered, all other ways to set a home directory are ignored.

	      To install GnuPG as a portable application under Windows,	create
	      an  empty	 file  name `gpgconf.ctl' in the same directory	as the
	      tool `gpgconf.exe'.  The root of the installation	is  than  that
	      directory;  or, if `gpgconf.exe' has been	installed directly be-
	      low a directory named `bin', its	parent	directory.   You  also
	      need  to	make sure that the following directories exist and are
	      writable:	   `ROOT/home'	  for	 the	GnuPG	  home	   and
	      `ROOT/var/cache/gnupg' for internal cache	files.

       --weak-digest name
	      Treat  the  specified digest algorithm as	weak.  Signatures made
	      over weak	digests	algorithms are normally	rejected. This	option
	      can  be supplied multiple	times if multiple algorithms should be
	      considered weak.	MD5 is always considered weak,	and  does  not
	      need to be listed	explicitly.

       gpgv pgpfile

       gpgv sigfile [datafile]
	      Verify  the  signature  of the file. The second form is used for
	      detached signatures, where sigfile  is  the  detached  signature
	      (either  ASCII-armored  or  binary)  and	datafile  contains the
	      signed data; if datafile is "-" the signed data is  expected  on
	      stdin; if	datafile is not	given the name of the file holding the
	      signed data is constructed by cutting off	the extension (".asc",
	      ".sig" or	".sign") from sigfile.

	      The default keyring with the allowed keys.

       HOME   Used to locate the default home directory.

	      If set directory used instead of "~/.gnupg".


       The full	documentation for this tool is maintained as a Texinfo manual.
       If GnuPG	and the	info program are properly installed at your site,  the

	 info gnupg

       should  give  you access	to the complete	manual including a menu	struc-
       ture and	an index.

GnuPG 1.4.23			  2022-09-04			       GPGV(1)


Want to link to this manual page? Use this URL:

home | help