Signing and verification of a file is best viewed using the following example:
% netpgp --sign --userid=agc@netbsd.org a
pub 2048/RSA (Encrypt or Sign) 1b68dcfcc0596823 2004-01-12
Key fingerprint: d415 9deb 336d e4cc cdfa 00cd 1b68 dcfc c059 6823
uid Alistair Crooks <agc@netbsd.org>
uid Alistair Crooks <agc@pkgsrc.org>
uid Alistair Crooks <agc@alistaircrooks.com>
uid Alistair Crooks <alistair@hockley-crooks.com>
netpgp passphrase:
% netpgpverify a.gpg
Good signature for a.gpg made Thu Jan 29 03:06:00 2009
using RSA (Encrypt or Sign) key 1B68DCFCC0596823
pub 2048/RSA (Encrypt or Sign) 1b68dcfcc0596823 2004-01-12
Key fingerprint: d415 9deb 336d e4cc cdfa 00cd 1b68 dcfc c059 6823
uid Alistair Crooks <alistair@hockley-crooks.com>
uid Alistair Crooks <agc@pkgsrc.org>
uid Alistair Crooks <agc@netbsd.org>
uid Alistair Crooks <agc@alistaircrooks.com>
%
In the example above, a signature is made on a single file called “
a” using a user identity corresponding to “agc@netbsd.org” and using the
netpgp(1) program. The key located for the user identity is displayed, and the user is prompted to type in their passphrase. The resulting file, called “
a.gpg” is placed in the same directory. The second part of the example shows a verification using
netpgpverify of the signed file taking place. The time and user identity of the signatory is displayed, followed by a fuller description of the public key of the signatory. In both cases, the exit value from the utility was a successful one.