Quick Navigator

Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Contact Us
Online Help
Domain Status
Man Pages

Virtual Servers

Topology Map

Server Agreement
Year 2038

USA Flag



Man Pages

Manual Reference Pages  -  ASIGNIFY (1)

.ds Aq ’


asignify - cryptographically sign, verify, encrypt or decrypt files.



asignify [-q] verify pubkey signature

asignify [-q] check pubkey signature file [file...]

asignify [-q] sign [-n] [-d digest] [-s sshkey] secretkey signature [file1 [file2...]]

asignify [-q] generate [-n] [-r rounds] secretkey [publickey]

asignify [-q] encrypt [-d] secretkey publickey infile outfile

asignify [-q] decrypt secretkey publickey infile outfile


The asignify utility creates and verifies cryptographic signatures. A signature is stamped on a digests file that contains hash digests of files using various hash functions (namely, sha256, sha512 and blake2b).

The mode of operation is selected with the following options:
-q Quiet mode. Suppress informational output.
verify Verify signarure for a digests file (but do not verify digests themselves):
pubkey Name of the file with a public key.
signature Name of signature file.
check Verify a signed digests list, and then verify the checksum for each file listed in the arguments and specified in the digests list:
pubkey Name of the file with a public key.
signature Name of a signature file.
file List of files whose digests need to be verified.
generate Generate a new key pair of secret and public keys:
-n, --no-password Do not ask for a passphrase during key generation. Otherwise, asignify will prompt the user for a passphrase to encrypt the secret key with.
-r, --rounds Indicate a number of iterations (rounds) used by PBKDF algorithm (default number of rounds: 10000).
-s, --ssh Convert unencrypted ed25519 private key generated by openssh to the native asignify format. The target key could be encrypted as usually.
secretkey Mandatory path to file where secret key will be writen.
pubkey Optional path to file where public key will be writed and by default will be generated from as [secretkey].pub. This option is not used with ssh keys.
sign Calculate digests for the files specified and create a signed digests file:
-n, --no-size Do not record files sizes in signature file.
-d, --digest Indicate a hash function which will be used for singing. Currently the asignify has support of following hashes: sha256(1), sha512(1), blake2 (default if none is defined). It is possible to specify multiple -d options to calculate multiple checksums for each file.
secretkey Name of the file with a secret key.
signature Name of file where signed digests will be stored.
file List of file(s) to calculate digests for.
encrypt Encrypt a file using local private key and remote public key (and vice-versa for decryption):
-d, --decrypt Decrypt using remote privkey and local pubkey (that is same as invoking this command as decrypt)
secretkey Name of the file with a secret key: local for encryption and remote for decryption.
publickey Name of the file with a public key: remote for encryption and local for decryption.
in The name of input file.
out The name of output file.


The asignify return zero exit code on success, and non-zero if an error occurs. It may fail because of one of the following reasons:
- Some files requested are absent.
- Passphrase is incorrect (or passphrase and verification are not equal).
- The message file has been corrupted and its signature is no longer valid.


Create a new key pair:

 $ asignify generate keys/key.secret keys/key.public

Sign a file, specifying a signature name:

 $ asignify sign -d blake2 keys/key.secret motd.sig /etc/motd

Verify a signature:

 $ asignify verify keys/key.public motd.sig

Verify a signed digest list:

 $ asignify check keys/key.public motd.sig /etc/motd

Search for    or go to Top of page |  Section 1 |  Main Index

perl v5.18.2 ASIGNIFY (1) 2015-01-12

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with manServer 1.07.