[Gpg4win-users-en] verify

Bernhard Reiter bernhard at intevation.de
Tue Nov 28 18:47:10 CET 2023

Am Dienstag 28 November 2023 17:55:19 schrieb Frank Esposito:
> thanks for the info ----  I am new to all  this and it quite overwhelming
> just to  verify a file ----  

For the Gpg4win*.exe download, you don't, just check the code signature. :)

Otherwise you do it from the explorer, right click and select verify
on the signature.

If you want to do it on the command line as an exercise:

> from the syntax  of  --verify   how is the 
> public key  found/referenced?

The public key (short "pubkey") is imported earlier and then is found in your 
local key storage.

So it is just
   gpg --verify FILENAME

after you did an
  gpg --fetch https://gnupg.org/signature_key.asc

Or you download https://gnupg.org/signature_key.asc
  gpg --import signature_key.as

If you want to see more about what is happening, you can add an `-v` after 
the 'gpg`, like 
gpg -v --fetch https://gnupg.org/signature_key.asc

Best Regards,

https://intevation.de/~bernhard   +49 541 33 508 3-3
Intevation GmbH, Osnabrück, DE; Amtsgericht Osnabrück, HRB 18998
Geschäftsführer: Frank Koormann, Bernhard Reiter
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 659 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.wald.intevation.org/pipermail/gpg4win-users-en/attachments/20231128/ed4564b5/attachment.sig>

More information about the Gpg4win-users-en mailing list