June 2003
Intermediate to advanced
336 pages
8h 54m
English
Content preview from Linux Security CookbookBecome an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
7.14. Creating a Detached Signature File
Problem
You want to sign a file digitally, but have the signature reside in a separate file.
Solution
To create a binary-format detached signature, myfile.sig:
$ gpg --detach-sign myfile
To create an ASCII-format detached signature, myfile.asc:
$ gpg --detach-sign -a myfile
In either case, you’ll be prompted for your passphrase.
Discussion
A detached signature is placed into a file by itself, not inside the file it represents. Detached signatures are commonly used to validate software distributed in compressed tar files, e.g., myprogram.tar.gz. You can’t sign such a file internally without altering its contents, so the signature is created in a separate file such as myprogram.tar.gz.sig.
See Also
gpg(1).