Provided by: sq_0.37.0-1_amd64 bug

NAME
       sq verify - Verify signed messages or detached signatures


SYNOPSIS
       sq verify [OPTIONS] FILE


DESCRIPTION
       Verify signed messages or detached signatures.

       When verifying signed messages, the message is written to stdout or the file given to `--output`.

       When  a  detached message is verified, no output is produced.  Detached signatures are often used to sign
       software packages.

       Verification is only successful if there is no bad signature, and the  number  of  successfully  verified
       signatures  reaches  the  threshold  configured  with  the `--signatures` parameter.  If the verification
       fails, the program terminates with an exit status indicating failure.  In addition to that, the  last  25
       MiB  of  the message are withheld, i.e. if the message is smaller than 25 MiB, no output is produced, and
       if it is larger, then the output will be truncated.

       A signature is considered to have been authenticated if the signer can be authenticated.  If  the  signer
       is  provided  via `--signer-file`, then the signer is considered authenticated.  Otherwise, the signer is
       looked up and authenticated using the Web of Trust.  If at least one User ID can be fully  authenticated,
       then  the signature is considered to have been authenticated.  If the signature includes a Signer User ID
       subpacket, then only that User ID is considered.  Note: the User ID need not be self signed.

       The converse operation is `sq sign`.

       If you are looking for a standalone program to verify detached signatures, consider using sequoia-sqv.

       `sq verify` respects the reference time set by the top-level `--time` argument.  When  set,  it  verifies
       the message as of the reference time instead of the current time.


OPTIONS
   Subcommand options
       --detached=SIG
              Verify a detached signature

       -n, --signatures=N
              Set the threshold of valid signatures to N. If this threshold is not reached, the message will not
              be considered verified.

       -o, --output=FILE
              Write to FILE or stdout if omitted

       --signer-cert=FINGERPRINT|KEYID
              Verify  signatures  using  the  specified  certificate.   This  reads  the  certificate  from  the
              certificate store, and considers it to be authenticated.  When this option is  not  provided,  the
              certificate  is  still  read  from  the  certificate store, if it exists, but it is not considered
              authenticated.

       --signer-file=CERT_FILE
              Verify signatures using the certificate in CERT_FILE

        FILE  Read from FILE or stdin if omitted

   Global options
       See sq(1) for a description of the global options.


EXAMPLES
       Verify a signed message

              sq verify signed-message.pgp

       Verify a detached message

              sq verify --detached message.sig message.txt

       Verify a message as of June 9, 2011 at midnight UTC:

              sq verify --time 20130721 msg.pgp


SEE ALSO
       sq(1).

       For the full documentation see <https://book.sequoia-pgp.org>.


VERSION
       0.34.0 (sequoia-openpgp 1.19.0)

Sequoia PGP                                          0.34.0                                                SQ(1)