UNB/ CS/ David Bremner/ gpg-hints

So you downloaded a file that might be signed by my gpg key, and you want to try to verify that.

First you need to get my public key.

gpg --keyserver keys.gnupg.net --recv-key 784206AD

Then, check that the keyserver gave you the correct key

gpg --list-keys --with-fingerprint 784206AD

You should get a line like

 Key fingerprint = 815B 6398 2A79 F8E7 C727  86C4 762B 57BB 7842 06AD

In the future you don't need to repeat those two steps (unless you are verifying a file signed by a different key, of course). Just run

gpg --verify foo.asc

where foo.asc is the file you are interested in. Note that if you want gpg to recreate the file foo for you as well as verify the signature, run

gpg foo.asc