sshpk-verify.1 2.2 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869
  1. .TH sshpk\-verify 1 "Jan 2016" sshpk "sshpk Commands"
  2. .SH NAME
  3. .PP
  4. sshpk\-verify \- verify a signature on data using an SSH key
  5. .SH SYNOPSYS
  6. .PP
  7. \fB\fCsshpk\-verify\fR \-i KEYPATH \-s SIGNATURE [OPTION...]
  8. .SH DESCRIPTION
  9. .PP
  10. Takes in arbitrary bytes and a Base64\-encoded signature, and verifies that the
  11. signature was produced by the private half of the given SSH public key.
  12. .SH EXAMPLES
  13. .PP
  14. .RS
  15. .nf
  16. $ printf 'foo' | sshpk\-verify \-i ~/.ssh/id_ecdsa \-s MEUCIQCYp...
  17. OK
  18. $ printf 'foo' | sshpk\-verify \-i ~/.ssh/id_ecdsa \-s GARBAGE...
  19. NOT OK
  20. .fi
  21. .RE
  22. .SH EXIT STATUS
  23. .TP
  24. \fB\fC0\fR
  25. Signature validates and matches the key.
  26. .TP
  27. \fB\fC1\fR
  28. Signature is parseable and the correct length but does not match the key or
  29. otherwise is invalid.
  30. .TP
  31. \fB\fC2\fR
  32. The signature or key could not be parsed.
  33. .TP
  34. \fB\fC3\fR
  35. Invalid commandline options were supplied.
  36. .SH OPTIONS
  37. .TP
  38. \fB\fC\-v, \-\-verbose\fR
  39. Print extra information about the key and signature to stderr when verifying.
  40. .TP
  41. \fB\fC\-i KEY, \-\-identity=KEY\fR
  42. Select the key to be used for verification. \fB\fCKEY\fR must be a relative or
  43. absolute filesystem path to the key file. Any format supported by the \fB\fCsshpk\fR
  44. library is supported, including OpenSSH formats and standard PEM PKCS.
  45. .TP
  46. \fB\fC\-s BASE64, \-\-signature=BASE64\fR
  47. Supplies the base64\-encoded signature to be verified.
  48. .TP
  49. \fB\fC\-f PATH, \-\-file=PATH\fR
  50. Input file to verify instead of stdin.
  51. .TP
  52. \fB\fC\-H HASH, \-\-hash=HASH\fR
  53. Set the hash algorithm to be used for signing. This should be one of \fB\fCsha1\fR,
  54. \fB\fCsha256\fR or \fB\fCsha512\fR\&. Some key types may place restrictions on which hash
  55. algorithms may be used (e.g. ED25519 keys can only use SHA\-512).
  56. .TP
  57. \fB\fC\-t FORMAT, \-\-format=FORMAT\fR
  58. Choose the signature format to use, from \fB\fCasn1\fR, \fB\fCssh\fR or \fB\fCraw\fR (only for
  59. ED25519 signatures). The \fB\fCasn1\fR format is the default, as it is the format
  60. used with TLS and typically the standard in most non\-SSH libraries (e.g.
  61. OpenSSL). The \fB\fCssh\fR format is used in the SSH protocol and by the ssh\-agent.
  62. .SH SEE ALSO
  63. .PP
  64. .BR sshpk-sign (1)
  65. .SH BUGS
  66. .PP
  67. Report bugs at Github
  68. \[la]https://github.com/arekinath/node-sshpk/issues\[ra]