Re: [OT] Manually verifying PGP/MIME signature with GPG
On Sun, Apr 15, 2012 at 04:28:28PM +0000, Camaleón wrote:
> (Disclaimer: newbies and soft-minded readers, please, stop reading here.
> The following content can damage your mind. You've been advised)
Ha! I believe that is a "dig" at some constructive criticism.
Ummm, let's see, .... No FUD in there, safe to proceed.
> As I thought, verifying PGP/MIME detached signatures can be also done from
> command line with GPG. I have tried with some posts from this same mailing
> list coming from users that use detached signatures and in every case it
> worked fine:
>
>
>
> sm01@stt008:~/Desktop$ LANG=C gpg --keyserver-options auto-key-retrieve --keyserver pool.sks-keyservers.net --verify test.pgp test.eml
> gpg: Signature made Tue Apr 10 08:41:59 2012 CEST using RSA key ID 82A46728
> gpg: Good signature from "Mika Suomalainen"
> gpg: aka "Mika Suomalainen <s.mika95@gmail.com>"
> gpg: aka "Mika Suomalainen <mika.henrik.mainio@hotmail.com>"
> gpg: WARNING: This key is not certified with a trusted signature!
> gpg: There is no indication that the signature belongs to the owner.
> Primary key fingerprint: 24BC 1573 B8EE D666 D10A AA65 4DB5 3CFE 82A4 6728
(....)
> The recipe is very easy and the only needed ingredients are:
>
> - Browsing to the mailing list archive
> - Telnet to "news.gmane.org" server to get the message
> - Use "gpg --verify"
--
"Religion is excellent stuff for keeping common people quiet."
-- Napoleon Bonaparte
Reply to: