Provided by: sq_1.2.0-1_amd64 bug

NAME
       sq verify - Verify signed messages or detached signatures


SYNOPSIS
       sq verify [OPTIONS] FILE


DESCRIPTION
       Verify signed messages or detached signatures.

       When verifying signed messages, the message is written to stdout or the file given to `--output`.

       When  a  detached message is verified, no output is produced.  Detached signatures are often used to sign
       software packages.

       Verification is only successful if there is no bad signature, and the  number  of  successfully  verified
       signatures  reaches  the  threshold  configured  with  the `--signatures` parameter.  If the verification
       fails, the program terminates with an exit status indicating failure, and the output file is deleted.  If
       the output was sent to stdout, then the last 25 MiB of the message are  withheld  (consequently,  if  the
       message is smaller than 25 MiB, no output is produced).

       A  signature  is considered to have been authenticated if the signer can be authenticated.  If the signer
       is provided via `--signer-file`, then the signer is considered authenticated.  Otherwise, the  signer  is
       looked  up and authenticated using the Web of Trust.  If at least one User ID can be fully authenticated,
       then the signature is considered to have been authenticated.  If the signature includes a Signer User  ID
       subpacket, then only that User ID is considered.  Note: the User ID need not be self signed.

       The converse operation is `sq sign`.

       If you are looking for a standalone program to verify detached signatures, consider using sequoia-sqv.

       `sq  verify`  respects  the reference time set by the top-level `--time` argument.  When set, it verifies
       the message as of the reference time instead of the current time.


OPTIONS
   Subcommand options
       --cleartext
              Verify a cleartext-signed message

       --message
              Verify an inline signed message

       --output=FILE
              Write to FILE or stdout if omitted

              [default: -]

       --signature-file=SIG
              Verify a detached signature file

       --signatures=N
              Set the threshold of valid signatures to N

              If this threshold is not reached, the message will not be considered verified.

              [default: 1]

       --signer=FINGERPRINT|KEYID
              Require a signature from a certificate with the specified fingerprint or key ID

       --signer-domain=DOMAIN
              Require a signature from a certificate where a user ID includes an email address for the specified
              domain

       --signer-email=EMAIL
              Require a signature from a certificate where a user ID includes the specified email address

       --signer-file=PATH
              Require a signature from a certificate read from PATH

       --signer-userid=USERID
              Require a signature from a certificate with the specified user ID

        FILE  Read from FILE or stdin if FILE is '-'

              [default: -]

   Global options
       See sq(1) for a description of the global options.


EXAMPLES
       Verify a signed message.

              sq verify --message document.pgp

       Verify a detached signature.

              sq verify --signature-file=document.sig document.txt

       Verify a message as of June 19, 2024 at midnight UTC.

              sq verify --time 2024-06-19 --message document.pgp


SEE ALSO
       sq(1).

       For the full documentation see <https://book.sequoia-pgp.org>.


VERSION
       1.2.0 (sequoia-openpgp 1.22.0)

Sequoia PGP                                           1.2.0                                                SQ(1)