1GPGV(1)                      GNU Privacy Guard 2.2                     GPGV(1)
2
3
4

NAME

6       gpgv - Verify OpenPGP signatures
7

SYNOPSIS

9       gpgv [options] signed_files
10
11
12

DESCRIPTION

14       gpgv is an OpenPGP signature verification tool.
15
16       This  program  is actually a stripped-down version of gpg which is only
17       able to check signatures. It is somewhat smaller than  the  fully-blown
18       gpg  and  uses  a  different (and simpler) way to check that the public
19       keys used to make the signature are valid. There are  no  configuration
20       files and only a few options are implemented.
21
22       gpgv  assumes  that all keys in the keyring are trustworthy.  That does
23       also mean that it does not check for expired or revoked keys.
24
25       By default a keyring named ‘trustedkeys.kbx’ is used; if that does  not
26       exist  a  keyring named ‘trustedkeys.gpg’ is used.  The default keyring
27       is assumed to be in the home directory of  GnuPG,  either  the  default
28       home  directory or the one set by an option or an environment variable.
29       The option --keyring may be used to specify a different keyring or even
30       multiple keyrings.
31
32
33
34

RETURN VALUE

36       The  program  returns 0 if everything is fine, 1 if at least one signa‐
37       ture was bad, and other error codes for fatal errors.
38
39

OPTIONS

41       gpgv recognizes these options:
42
43
44
45       --verbose
46       -v     Gives more information during processing.  If  used  twice,  the
47              input data is listed in detail.
48
49
50       --quiet
51       -q     Try to be as quiet as possible.
52
53
54       --keyring file
55              Add  file  to the list of keyrings.  If file begins with a tilde
56              and a slash, these are replaced by the HOME  directory.  If  the
57              filename  does  not  contain a slash, it is assumed to be in the
58              home-directory ("~/.gnupg" if --homedir is not used).
59
60
61       --output file
62       -o file
63              Write output to file; to write to stdout use -.  This option can
64              be used to get the signed text from a cleartext or binary signa‐
65              ture; it also works for detached signatures, but  in  that  case
66              this  option  is  in  general not useful.  Note that an existing
67              file will be overwritten.
68
69
70
71       --status-fd n
72              Write special status strings to the file descriptor n.  See  the
73              file DETAILS in the documentation for a listing of them.
74
75
76       --logger-fd n
77              Write log output to file descriptor n and not to stderr.
78
79
80       --log-file file
81              Same  as  --logger-fd, except the logger data is written to file
82              file.  Use ‘socket://’ to log to socket.
83
84
85       --ignore-time-conflict
86              GnuPG normally checks that the timestamps associated  with  keys
87              and  signatures have plausible values. However, sometimes a sig‐
88              nature seems to be older than the key  due  to  clock  problems.
89              This option turns these checks into warnings.
90
91
92       --homedir dir
93              Set the name of the home directory to dir. If this option is not
94              used, the home directory defaults to  ‘~/.gnupg’.   It  is  only
95              recognized  when  given  on the command line.  It also overrides
96              any home  directory  stated  through  the  environment  variable
97GNUPGHOME’  or  (on  Windows  systems) by means of the Registry
98              entry HKCU\Software\GNU\GnuPG:HomeDir.
99
100              On Windows systems it is possible to install GnuPG as a portable
101              application.  In this case only this command line option is con‐
102              sidered, all other ways to set a home directory are ignored.
103
104              To install GnuPG as a portable application under Windows, create
105              an  empty  file named ‘gpgconf.ctl’ in the same directory as the
106              tool ‘gpgconf.exe’.  The root of the installation is  then  that
107              directory;  or,  if  ‘gpgconf.exe’  has  been installed directly
108              below a directory named ‘bin’, its parent directory.   You  also
109              need  to  make sure that the following directories exist and are
110              writable:    ‘ROOT/home’    for    the    GnuPG     home     and
111ROOT/var/cache/gnupg’ for internal cache files.
112
113
114       --weak-digest name
115              Treat  the  specified digest algorithm as weak.  Signatures made
116              over weak digests algorithms are normally rejected. This  option
117              can  be supplied multiple times if multiple algorithms should be
118              considered weak.  MD5 is always considered weak,  and  does  not
119              need to be listed explicitly.
120
121
122       --enable-special-filenames
123              This option enables a mode in which filenames of the form ‘-&n’,
124              where n is a non-negative decimal  number,  refer  to  the  file
125              descriptor n and not to a file with that name.
126
127

EXAMPLES

129       gpgv pgpfile
130       gpgv sigfile [datafile]
131              Verify  the  signature  of the file. The second form is used for
132              detached signatures, where sigfile  is  the  detached  signature
133              (either  ASCII-armored  or  binary)  and  datafile  contains the
134              signed data; if datafile is "-" the signed data is  expected  on
135              stdin; if datafile is not given the name of the file holding the
136              signed data is constructed by cutting off the extension (".asc",
137              ".sig" or ".sign") from sigfile.
138
139

FILES

141       ~/.gnupg/trustedkeys.gpg
142              The default keyring with the allowed keys.
143
144

ENVIRONMENT

146       HOME   Used to locate the default home directory.
147
148
149       GNUPGHOME
150              If set directory used instead of "~/.gnupg".
151
152

SEE ALSO

154       gpg(1)
155
156       The full documentation for this tool is maintained as a Texinfo manual.
157       If GnuPG and the info program are properly installed at your site,  the
158       command
159
160         info gnupg
161
162       should  give  you access to the complete manual including a menu struc‐
163       ture and an index.
164
165
166
167
168
169
170
171GnuPG 2.2.9                       2018-06-12                           GPGV(1)
Impressum