Using PGP on DragonFly

Pretty Good Privacy (PGP) is used to sign or verify files or emails. For DragonFly there exist three different ports that implement PGP functionality:

  • security/pgp
  • security/netpgp
  • security/gnupg

Only the latter really worked for me. For instance, my public key created with pgp could not be imported on another system, which I assume was using GnuPGP. So I stick with security/gnupg and describe below how to use it to create a key and how to sign and verify binary data.

Creating a key

gpg --gen-key

Then follow the instructions. To show the fingerprint of your key, use:

gpg --fingerprint youremailaddress

Exporting your public key

gpg --export --armor youremailaddress > mykey.asc

You can then send mykey.asc to someone or put it on your homepage for others to download.

Signing a binary file

To generate a detached signature for snapshot.tar.gz:

gpg --armor --detach-sign snapshot.tar.gz

This will create snapshot.tar.gz.asc.

Verify a signed file

To verify the signature from the last step use:

gpg --verify snapshot.tar.gz.asc snapshot.tar.gz

If successful, this should show something similar to:

gpg: Good signature from "Michael ...."