gpgv1(1) - f34

1GPGV(1)                      GNU Privacy Guard 1.4                     GPGV(1)
2
3
4

NAME

6       gpgv - Verify OpenPGP signatures
7

SYNOPSIS

9       gpgv [options] signed_files
10
11
12
13
14

DESCRIPTION

16       gpgv is an OpenPGP signature verification tool.
17
18       This  program  is actually a stripped-down version of gpg which is only
19       able to check signatures. It is somewhat smaller than  the  fully-blown
20       gpg  and  uses  a  different (and simpler) way to check that the public
21       keys used to make the signature are valid. There are  no  configuration
22       files and only a few options are implemented.
23
24       gpgv  assumes  that all keys in the keyring are trustworthy.  That does
25       also mean that it does not check for expired or revoked keys.
26
27       By default a keyring named ‘trustedkeys.gpg’  is  used.   This  default
28       keyring is assumed to be in the home directory of GnuPG, either the de‐
29       fault home directory or the one set by  an  option  or  an  environment
30       variable.   The  option  --keyring  may  be used to specify a different
31       keyring or even multiple keyrings.
32
33
34
35

RETURN VALUE

37       The program returns 0 if everything is fine, 1 if at least  one  signa‐
38       ture was bad, and other error codes for fatal errors.
39
40

OPTIONS

42       gpgv recognizes these options:
43
44
45
46       --verbose
47
48       -v     Gives more information during processing. If used twice, the in‐
49              put data is listed in detail.
50
51
52       --quiet
53
54       -q     Try to be as quiet as possible.
55
56
57       --keyring file
58              Add file to the list of keyrings.  If file begins with  a  tilde
59              and  a  slash,  these are replaced by the HOME directory. If the
60              filename does not contain a slash, it is assumed to  be  in  the
61              home-directory ("~/.gnupg" if --homedir is not used).
62
63
64       --status-fd n
65              Write  special status strings to the file descriptor n.  See the
66              file DETAILS in the documentation for a listing of them.
67
68
69       --logger-fd n
70              Write log output to file descriptor n and not to stderr.
71
72
73       --ignore-time-conflict
74              GnuPG normally checks that the timestamps associated  with  keys
75              and  signatures have plausible values. However, sometimes a sig‐
76              nature seems to be older than the key  due  to  clock  problems.
77              This option turns these checks into warnings.
78
79
80       --homedir dir
81              Set the name of the home directory to dir. If this option is not
82              used, the home directory defaults to  ‘~/.gnupg’.   It  is  only
83              recognized  when  given  on the command line.  It also overrides
84              any home  directory  stated  through  the  environment  variable
85              ‘GNUPGHOME’ or (on Windows systems) by means of the Registry en‐
86              try HKCU\Software\GNU\GnuPG:HomeDir.
87
88              On Windows systems it is possible to install GnuPG as a portable
89              application.  In this case only this command line option is con‐
90              sidered, all other ways to set a home directory are ignored.
91
92              To install GnuPG as a portable application under Windows, create
93              an  empty  file  name ‘gpgconf.ctl’ in the same directory as the
94              tool ‘gpgconf.exe’.  The root of the installation is  than  that
95              directory;  or, if ‘gpgconf.exe’ has been installed directly be‐
96              low a directory named ‘bin’, its  parent  directory.   You  also
97              need  to  make sure that the following directories exist and are
98              writable:    ‘ROOT/home’    for    the    GnuPG     home     and
99              ‘ROOT/var/cache/gnupg’ for internal cache files.
100
101
102       --weak-digest name
103              Treat  the  specified digest algorithm as weak.  Signatures made
104              over weak digests algorithms are normally rejected. This  option
105              can  be supplied multiple times if multiple algorithms should be
106              considered weak.  MD5 is always considered weak,  and  does  not
107              need to be listed explicitly.
108
109
110

EXAMPLES

112       gpgv pgpfile
113
114       gpgv sigfile [datafile]
115              Verify  the  signature  of the file. The second form is used for
116              detached signatures, where sigfile  is  the  detached  signature
117              (either  ASCII-armored  or  binary)  and  datafile  contains the
118              signed data; if datafile is "-" the signed data is  expected  on
119              stdin; if datafile is not given the name of the file holding the
120              signed data is constructed by cutting off the extension (".asc",
121              ".sig" or ".sign") from sigfile.
122
123
124

FILES

126       ~/.gnupg/trustedkeys.gpg
127              The default keyring with the allowed keys.
128
129
130

ENVIRONMENT

132       HOME   Used to locate the default home directory.
133
134
135       GNUPGHOME
136              If set directory used instead of "~/.gnupg".
137
138
139