Quick Tutorial: How to Sign and Verify a file with gpg
This article covers a methodology of how to sign a file without encryption. Assume you need to send one file to your client which is not secret but still your client wants to check the integrity and authenticity. By using the below-mentioned steps, your client can easily verify the authenticity and integrity of the file without encryption.
Click Here if you have not created gpg keypairs. This is a prerequisite for performing below mentioned steps to sign a file without encryption with gpg.
(1) Creation of test file or use an existing file that is no secret to your client. Sign an unencrypted message for your client by using the below command:
$gpg -s <filename>
You need to enter the passphrase to unlock the secret key. This command creates a .gpg type of file.
(2) Send a .gpg type message to your client via email.
(3) Client now tries to view the .gpg type of file by using the below command:
less <.gpg-type-of-file>
A lot of unneeded or gibberish data is also available. Still, your client is able to see data sent by you.
(4) To verify the integrity of the file, the client can use the below command:
gpg --verify <.gpg-type-of-file>
Conclusion
This quick tutorial covers how to sign a file without encryption with gpg. I recommend using the above-mentioned steps to exploit the features of gpg.
Subscribe us to receive more such articles updates in your email.
If you have any questions, feel free to ask in the comments section below. Nothing gives me greater joy than helping my readers!
Disclaimer: This tutorial is for educational purpose only. Individual is solely responsible for any illegal act.
