Quick Tutorial: How to Sign and Verify a file with gpg

This article covers a methodology of how to sign a file without encryption. Assume you need to send one file to your client which is not secret but still your client wants to check the integrity and authenticity. By using the below-mentioned steps, your client can easily verify the authenticity and integrity of the file without encryption.

Click Here if you have not created gpg keypairs. This is a prerequisite for performing below mentioned steps to sign a file without encryption with gpg.

(1) Creation of test file or use an existing file that is no secret to your client. Sign an unencrypted message for your client by using the below command:

$gpg -s <filename>

You need to enter passphrase to unlock the secret key. This command creates a .gpg type of file.

(2) Send a .gpg type message to your client via email.

(3) Client now try to view the .gpg type of file by using below command:

less <.gpg-type-of-file>

Lot of unneeded or gibberish data is also available. Still, your client is able to see data send by you.

(4) To verify the integrity of file, client can use below command:

gpg --verify <.gpg-type-of-file>

Conclusion

This quick tutorial covers how to sign a file without encryption with gpg. I recommend using above mentioned steps to exploit features of gpg.

Subscribe us to receive more such articles updates in your email.

If you have any questions, feel free to ask in the comments section below. Nothing gives me greater joy than helping my readers!

Disclaimer: This tutorial is for educational purpose only. Individual is solely responsible for any illegal act.

You may also like...

Leave a Reply

Your email address will not be published.