gpgv2(1) - f29

1GPGV2(1)                     GNU Privacy Guard 2.2                    GPGV2(1)
2
3
4

NAME

6       gpgv2 - Verify OpenPGP signatures
7

SYNOPSIS

9       gpgv2 [options] signed_files
10
11

DESCRIPTION

13       gpgv2 is an OpenPGP signature verification tool.
14
15       This  program  is actually a stripped-down version of gpg which is only
16       able to check signatures. It is somewhat smaller than  the  fully-blown
17       gpg  and  uses  a  different (and simpler) way to check that the public
18       keys used to make the signature are valid. There are  no  configuration
19       files and only a few options are implemented.
20
21       gpgv2  assumes that all keys in the keyring are trustworthy.  That does
22       also mean that it does not check for expired or revoked keys.
23
24       By default a keyring named ‘trustedkeys.kbx’ is used; if that does  not
25       exist  a  keyring named ‘trustedkeys.gpg’ is used.  The default keyring
26       is assumed to be in the home directory of  GnuPG,  either  the  default
27       home  directory or the one set by an option or an environment variable.
28       The option --keyring may be used to specify a different keyring or even
29       multiple keyrings.
30
31
32
33

RETURN VALUE

35       The  program  returns 0 if everything is fine, 1 if at least one signa‐
36       ture was bad, and other error codes for fatal errors.
37
38

OPTIONS

40       gpgv2 recognizes these options:
41
42
43
44       --verbose
45       -v     Gives more information during processing.  If  used  twice,  the
46              input data is listed in detail.
47
48
49       --quiet
50       -q     Try to be as quiet as possible.
51
52
53       --keyring file
54              Add  file  to the list of keyrings.  If file begins with a tilde
55              and a slash, these are replaced by the HOME  directory.  If  the
56              filename  does  not  contain a slash, it is assumed to be in the
57              home-directory ("~/.gnupg" if --homedir is not used).
58
59
60       --output file
61       -o file
62              Write output to file; to write to stdout use -.  This option can
63              be used to get the signed text from a cleartext or binary signa‐
64              ture; it also works for detached signatures, but  in  that  case
65              this  option  is  in  general not useful.  Note that an existing
66              file will be overwritten.
67
68
69
70       --status-fd n
71              Write special status strings to the file descriptor n.  See  the
72              file DETAILS in the documentation for a listing of them.
73
74
75       --logger-fd n
76              Write log output to file descriptor n and not to stderr.
77
78
79       --log-file file
80              Same  as  --logger-fd, except the logger data is written to file
81              file.  Use ‘socket://’ to log to socket.
82
83
84       --ignore-time-conflict
85              GnuPG normally checks that the timestamps associated  with  keys
86              and  signatures have plausible values. However, sometimes a sig‐
87              nature seems to be older than the key  due  to  clock  problems.
88              This option turns these checks into warnings.
89
90
91       --homedir dir
92              Set the name of the home directory to dir. If this option is not
93              used, the home directory defaults to  ‘~/.gnupg’.   It  is  only
94              recognized  when  given  on the command line.  It also overrides
95              any home  directory  stated  through  the  environment  variable
96              ‘GNUPGHOME’  or  (on  Windows  systems) by means of the Registry
97              entry HKCU\Software\GNU\GnuPG:HomeDir.
98
99              On Windows systems it is possible to install GnuPG as a portable
100              application.  In this case only this command line option is con‐
101              sidered, all other ways to set a home directory are ignored.
102
103              To install GnuPG as a portable application under Windows, create
104              an  empty  file named ‘gpgconf.ctl’ in the same directory as the
105              tool ‘gpgconf.exe’.  The root of the installation is  then  that
106              directory;  or,  if  ‘gpgconf.exe’  has  been installed directly
107              below a directory named ‘bin’, its parent directory.   You  also
108              need  to  make sure that the following directories exist and are
109              writable:    ‘ROOT/home’    for    the    GnuPG     home     and
110              ‘ROOT/var/cache/gnupg’ for internal cache files.
111
112
113       --weak-digest name
114              Treat  the  specified digest algorithm as weak.  Signatures made
115              over weak digests algorithms are normally rejected. This  option
116              can  be supplied multiple times if multiple algorithms should be
117              considered weak.  MD5 is always considered weak,  and  does  not
118              need to be listed explicitly.
119
120
121       --enable-special-filenames
122              This option enables a mode in which filenames of the form ‘-&n’,
123              where n is a non-negative decimal  number,  refer  to  the  file
124              descriptor n and not to a file with that name.
125
126

EXAMPLES

128       gpgv2 pgpfile
129       gpgv2 sigfile [datafile]
130              Verify  the  signature  of the file. The second form is used for
131              detached signatures, where sigfile  is  the  detached  signature
132              (either  ASCII-armored  or  binary)  and  datafile  contains the
133              signed data; if datafile is "-" the signed data is  expected  on
134              stdin; if datafile is not given the name of the file holding the
135              signed data is constructed by cutting off the extension (".asc",
136              ".sig" or ".sign") from sigfile.
137
138

FILES

140       ~/.gnupg/trustedkeys.gpg
141              The default keyring with the allowed keys.
142
143

ENVIRONMENT

145       HOME   Used to locate the default home directory.
146
147
148       GNUPGHOME
149              If set directory used instead of "~/.gnupg".
150
151