Unix and Linux Stack Exchange
Unix and Linux Stack Exchange

Questions tagged [signature]

Use for questions related to digital signatures

71 questions
45
votes
2 answers

Set default key in gpg for signing

I have created multiple keys using gpg. Whenever I try to sign any file, gpg automatically uses the first one I have created. How to set default key for signing in gpg. I don't want to delete/revoke the other one yet. Otherwise, how can I…
Aman Sharma
  • 551
  • 1
  • 4
  • 5
21
votes
2 answers

How to add a third-party repo. and key in Debian?

I looked at another similar question about adding third-party repos. I am trying to add a third-party desktop IM client called riot . While the site gives link to the third-party it gives no instructions as how to add third-party sources or keyring…
shirish
  • 11,967
  • 27
  • 107
  • 190
15
votes
2 answers

Why aren't the Fedora GPG keys signed?

Fedora uses GPG-keys for signing RPM packages and ISO checksum files. They list the keys in use (including fingerprints) on a web page. The web page is delivered via https. For example the checksum file for Fedora-16-i386-DVD.iso is signed with key…
maxschlepzig
  • 56,316
  • 50
  • 205
  • 279
14
votes
2 answers

What is a vfat signature?

Recently, I have noticed that I cannot access my USB flash drive filesystem (it was of FAT type, as far as I can remember). Fedora did not mount it automatically and lsblk could not see the partition. So, I decided to create new partition (instead…
Silv
  • 295
  • 1
  • 2
  • 12
10
votes
1 answer

Cli verification of digitally signed email

I am Alice and I've received signed email from Bob. I use Web e-Mail client (e.g. GMail) and I see that one of attachements is smime.p7s. I've found option "show original message" and saved contents into message.orig. Assuming Bob signed email, how…
Grzegorz Wierzowiecki
  • 13,865
  • 23
  • 89
  • 137
10
votes
1 answer

How to verify a kernel module signature?

When you compile a kernel source, you can choose to sign kernel modules using the CONFIG_MODULE_SIG* options. The modinfo tool should handle the task of verifying the module signature, but there has been some bug in it for years, and the tool simply…
Mikhail Morfikov
  • 10,309
  • 19
  • 69
  • 104
8
votes
2 answers

How do I prevent gpg from including SHA1?

apt-get is complaining that signatures are invalid and that the InRelease file is not signed (see Using Centos to sign .deb packages for background). On the server, I have verified using gpg that InRelease is in fact signed. Per Debian 9, APT, and…
user1032531
  • 1,877
  • 6
  • 29
  • 35
8
votes
2 answers

How can I extract Signatures data from a Windows `exe` file under Linux using cli

If you go to the VirusTotal link , there is a tab called file info(I think; mine is dutch). You'll see a header called "Authenticode signature block and FileVersionInfo properties" I want to extract the data under the header using Linux cli.…
blade19899
  • 547
  • 5
  • 12
  • 25
7
votes
3 answers

How to create a self-signed certificate for Okular PDF

I am at a loss. I want to create a self-signed certificate to sign PDFs with Okular. I have not found any step-by-step directions that work. I tried creating and installing a certificate, but Okular did not recognize it. This was couple weeks ago,…
gaussian
  • 184
  • 1
  • 7
7
votes
2 answers

torbrowser signature verification fails - a glitch or an "attack"?

I wanted to try using TOR on my new Linux Mint 18.1 installation. So I apt-get installed torbrowser-launcher and tor, then ran torbrowser-launcher. It opened a dialog box and showed me it was downloading the TOR browser; but when it was done, it…
einpoklum
  • 8,772
  • 19
  • 65
  • 129
6
votes
2 answers

Sign a module after kernel compilation

I've built a kernel in tmpfs, then I rebooted. Now I see a message when I compile the 3rd party module, NO SIGN [M] XXXX.ko How can I get it signed? The key pair generated during rpmbuild is lost already I guess
daisy
  • 53,527
  • 78
  • 236
  • 383
6
votes
2 answers

How can I check if there is a signature associated with a deb package?

In rpm-based systems, we can easily see if there is a signature associated with an rpm file: rpm -qpi | grep -i signature For .deb files, we can see the package information but it doesn't include the information of whether a…
Sourav Bhattacharjee
  • 173
  • 1
  • 7
6
votes
1 answer

How to detach-sign a file with a specific private key? || Why this fails?

I have a .tar.xz file which I would like to detach-sign using my gpg private key. The problem is, I have multiple of private keys imported to my keyring and need to choose, which one to use. Progress This I am trying to execute: gpg --output…
Vlastimil Burián
  • 27,586
  • 56
  • 179
  • 309
6
votes
1 answer

Getting a digital signature from an eToken/smart card into LibreOffice

I successfully managed to make use of digital signatures in LibreOffice Writer by following flatmtn.com/creating-pkcs12-certificates But now I want to use a digital certificate from an eToken/smart card and not from the Mozilla keystore…
SHW
  • 14,454
  • 14
  • 63
  • 101
5
votes
1 answer

Looking for a way to sign PDFs

I am looking for a working method to sign PDFs using the certificate from a signature card. So what I need is either a program that signs PDFs in a way that is compatible to what AcroRead does on Microsoft, or a way to forward the signature card…
schily
  • 18,806
  • 5
  • 38
  • 60
1
2 3 4 5