1GPGV(1) GNU Privacy Guard 1.4 GPGV(1)
2
3
4
6 gpgv - Verify OpenPGP signatures
7
9 gpgv [options] signed_files
10
11
12
13
14
16 gpgv is an OpenPGP signature verification tool.
17
18 This program is actually a stripped-down version of gpg which is only
19 able to check signatures. It is somewhat smaller than the fully-blown
20 gpg and uses a different (and simpler) way to check that the public
21 keys used to make the signature are valid. There are no configuration
22 files and only a few options are implemented.
23
24 gpgv assumes that all keys in the keyring are trustworthy. That does
25 also mean that it does not check for expired or revoked keys.
26
27 By default a keyring named ‘trustedkeys.gpg’ is used. This default
28 keyring is assumed to be in the home directory of GnuPG, either the de‐
29 fault home directory or the one set by an option or an environment
30 variable. The option --keyring may be used to specify a different
31 keyring or even multiple keyrings.
32
33
34
35
37 The program returns 0 if everything is fine, 1 if at least one signa‐
38 ture was bad, and other error codes for fatal errors.
39
40
42 gpgv recognizes these options:
43
44
45
46 --verbose
47
48 -v Gives more information during processing. If used twice, the in‐
49 put data is listed in detail.
50
51
52 --quiet
53
54 -q Try to be as quiet as possible.
55
56
57 --keyring file
58 Add file to the list of keyrings. If file begins with a tilde
59 and a slash, these are replaced by the HOME directory. If the
60 filename does not contain a slash, it is assumed to be in the
61 home-directory ("~/.gnupg" if --homedir is not used).
62
63
64 --status-fd n
65 Write special status strings to the file descriptor n. See the
66 file DETAILS in the documentation for a listing of them.
67
68
69 --logger-fd n
70 Write log output to file descriptor n and not to stderr.
71
72
73 --ignore-time-conflict
74 GnuPG normally checks that the timestamps associated with keys
75 and signatures have plausible values. However, sometimes a sig‐
76 nature seems to be older than the key due to clock problems.
77 This option turns these checks into warnings.
78
79
80 --homedir dir
81 Set the name of the home directory to dir. If this option is not
82 used, the home directory defaults to ‘~/.gnupg’. It is only
83 recognized when given on the command line. It also overrides
84 any home directory stated through the environment variable
85 ‘GNUPGHOME’ or (on Windows systems) by means of the Registry en‐
86 try HKCU\Software\GNU\GnuPG:HomeDir.
87
88 On Windows systems it is possible to install GnuPG as a portable
89 application. In this case only this command line option is con‐
90 sidered, all other ways to set a home directory are ignored.
91
92 To install GnuPG as a portable application under Windows, create
93 an empty file name ‘gpgconf.ctl’ in the same directory as the
94 tool ‘gpgconf.exe’. The root of the installation is than that
95 directory; or, if ‘gpgconf.exe’ has been installed directly be‐
96 low a directory named ‘bin’, its parent directory. You also
97 need to make sure that the following directories exist and are
98 writable: ‘ROOT/home’ for the GnuPG home and
99 ‘ROOT/var/cache/gnupg’ for internal cache files.
100
101
102 --weak-digest name
103 Treat the specified digest algorithm as weak. Signatures made
104 over weak digests algorithms are normally rejected. This option
105 can be supplied multiple times if multiple algorithms should be
106 considered weak. MD5 is always considered weak, and does not
107 need to be listed explicitly.
108
109
110
112 gpgv pgpfile
113
114 gpgv sigfile [datafile]
115 Verify the signature of the file. The second form is used for
116 detached signatures, where sigfile is the detached signature
117 (either ASCII-armored or binary) and datafile contains the
118 signed data; if datafile is "-" the signed data is expected on
119 stdin; if datafile is not given the name of the file holding the
120 signed data is constructed by cutting off the extension (".asc",
121 ".sig" or ".sign") from sigfile.
122
123
124
126 ~/.gnupg/trustedkeys.gpg
127 The default keyring with the allowed keys.
128
129
130
132 HOME Used to locate the default home directory.
133
134
135 GNUPGHOME
136 If set directory used instead of "~/.gnupg".
137
138
139
141 gpg2(1)
142
143 The full documentation for this tool is maintained as a Texinfo manual.
144 If GnuPG and the info program are properly installed at your site, the
145 command
146
147 info gnupg
148
149 should give you access to the complete manual including a menu struc‐
150 ture and an index.
151
152
153
154
155GnuPG 1.4.23 2023-01-27 GPGV(1)