rusty-snake's Tips & Tricks

Collection of useful commands and configs.

View on GitHub
8 September 2021

Sign and verify files using minisign

by rusty-snake

Are you annoyed by gpg with its hundreds of command-line arguments (without subcommands), dozens of crypto algorithms with backwards compatibility into the 1990s and different functions in one program? Then start using Minisign, “A dead simple tool to sign files and verify signatures.”

$ minisign -G
Please enter a password to protect the secret key.

Password:
Password (one more time):
Deriving a key from the password in order to encrypt the secret key... done

The secret key was saved as /home/rusty-snake/.minisign/minisign.key - Keep it secret!
The public key was saved as minisign.pub - That one can be public.

Files signed using this key pair can be verified with the following command:

minisign -Vm <file> -P RWRhTajYOf1J8t8xU/Mi3yaNxVIeLlqGKhGxzdryoqlfkveCmXDXtH4g

$ minisign -Sm checksums.txt
Password:
Deriving a key from the password and decrypting the secret key... done

$ ls
checksums.txt  checksums.txt.minisig
$ minisign -Vm checksums.txt -P RWRhTajYOf1J8t8xU/Mi3yaNxVIeLlqGKhGxzdryoqlfkveCmXDXtH4g
Signature and comment signature verified
Trusted comment: timestamp:1631095330	file:checksums.txt

Voi­là that’s it.

tags: