[Gpg4win-users-en] verify
Bernhard Reiter
bernhard at intevation.de
Tue Nov 28 18:47:10 CET 2023
Am Dienstag 28 November 2023 17:55:19 schrieb Frank Esposito:
> thanks for the info ---- I am new to all this and it quite overwhelming
> just to verify a file ----
For the Gpg4win*.exe download, you don't, just check the code signature. :)
Otherwise you do it from the explorer, right click and select verify
on the signature.
If you want to do it on the command line as an exercise:
> from the syntax of --verify how is the
> public key found/referenced?
The public key (short "pubkey") is imported earlier and then is found in your
local key storage.
So it is just
gpg --verify FILENAME
after you did an
gpg --fetch https://gnupg.org/signature_key.asc
Or you download https://gnupg.org/signature_key.asc
and
gpg --import signature_key.as
If you want to see more about what is happening, you can add an `-v` after
the 'gpg`, like
gpg -v --fetch https://gnupg.org/signature_key.asc
Best Regards,
Bernhard
--
https://intevation.de/~bernhard +49 541 33 508 3-3
Intevation GmbH, Osnabrück, DE; Amtsgericht Osnabrück, HRB 18998
Geschäftsführer: Frank Koormann, Bernhard Reiter
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 659 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.wald.intevation.org/pipermail/gpg4win-users-en/attachments/20231128/ed4564b5/attachment.sig>
More information about the Gpg4win-users-en
mailing list