Verifying a PGP Signature
Last updated: May 2026
When you receive a signed message, you can verify that it came from the claimed sender and that it was not tampered with.
Verification Steps
gpg --verify message.sig message.txt
- If the signature is valid, you will see "Good signature".
- Check that the fingerprint matches the expected sender.
Always verify: This is how you confirm links, market urls, and vendor identities.