I was debugging a gpg issue earlier this week, and needed to dump the contents of a public key in some type of human readable form. After a bit of googling I came across the crazy awesome pgpdump utility, which provides a command line interface to display the contents of a GPG public key. To [...]
Archive for 'GNU Privacy Guard'
One of my friends recently asked me how to verify a signature that is distributed with an opensource application. Since I didn’t have a machine handy to show him, I thought I would jot this down for him in my blog. The first step in verifying a signature requires locating the public key of the [...]
I recently downloaded the samhain file integrity verification suite, and wanted to verify the authenticity of the package. The samhain developers distribute samhain as tar archive, which includes the source code and a detached ASCII signature file: $ /usr/sfw/bin/gtar tvfz samhain-current.tar.gz -rw-r–r– 1000/100 1302539 2005-09-22 16:05:35 samhain-2.0.10a.tar.gz -rw-r–r– 1000/100 189 2005-09-22 16:06:29 samhain-2.0.10a.tar.gz.asc To verify [...]
The GNU privacy guard provides a command line tool (gpg) to encrypt data and manage digital signatures. GPG supports the OpenPGP standard, and provides easy access to a variety of key distribution servers. To view the full list of options available to gpg, you can run gpg with the “-h” option: $ gpg -h | [...]