Signify: Cryptographically Sign and Verify Files

From Whonix



Written in 2014 for OpenBSD, signify is a tool to cryptographically sign and verify files: [1]

It only supports a single algorithm, Ed25519, created by djb and his gang. It’s fast, immune to timing attacks by design, produce deterministic signatures, uses small keys and produce small signatures, … it does look like a sound choice.

Signify's main benefits is that it has a small codebase and is not based on GnuPG. On the downside, there is no revocation mechanism [2] and the trust path relies on getting the key directly from a trusted developer. [1]

Signify's usage is not just limited to OpenBSD and the tool has also been been packaged in Debian. [3] To learn more about signify, refer to this blog post [archive] by the original author.

Installation and Usage[edit]

Info In the steps below, installing package qrencode is optional and only needed if you intend to create QR codes.

1. Install signify.

Install signify-openbsd qrencode.

1. Update the package lists.

sudo apt-get update

2. Upgrade the system.

sudo apt-get dist-upgrade

3. Install the signify-openbsd qrencode package.

Using apt-get command line parameter --no-install-recommends is in most cases optional.

sudo apt-get install --no-install-recommends signify-openbsd qrencode

The procedure of installing signify-openbsd qrencode is complete.

2. Create a key.

This only needs to be done once unless multiple keys are desired; in that case different key names should be used. In the following example, keyname is used as the sample key name.

signify-openbsd -G -p -s keyname.sec

3. Optional: Add a key comment.

Replace comments here with the actual comment but keep the ". The comment could be a name, position, website, e-mail address and/or anything else.

signify-openbsd -G -p -s keyname.sec -c "comments here"


  • The private key file keyname.sec needs to stay private -- never share keyname.sec with anyone as this would defeat the purpose of signing files!
  • The public key file can be shared with anyone.

4. Utilize signify.

To sign a file message.txt (which has to be created by the user beforehand).

signify-openbsd -S -s keyname.sec -m message.txt

This will create a signature file message.txt.sig.

To verify a file message.txt with signature file message.txt.sig.

signify-openbsd -V -p -m message.txt

5. Optional: Create a QR code for the public key.

qrencode -r -o

File would be the QR code of the public key.

Refer to the Debian signify-openbsd Manual Page [archive] for further options.


See Also[edit]


text=Jobs in USA
Jobs in USA

Search engines: YaCy | Qwant | ecosia | MetaGer | peekier | Whonix ™ Wiki

Follow: 1024px-Telegram 2019 Logo.svg.png Iconfinder Apple Mail 2697658.png Twitter.png Facebook.png Rss.png Reddit.jpg 200px-Mastodon Logotype (Simple).svg.png

Support: 1024px-Telegram 2019 Logo.svg.png Discourse logo.png Matrix logo.svg.png

Donate: Donate Bank Wire Paypal Bitcoin accepted here Monero accepted here Contriute

Whonix donate bitcoin.png Monero donate Whonix.png United Federation of Planets 1000px.png

Twitter-share-button.png Facebook-share-button.png Telegram-share.png Iconfinder Apple Mail 2697658.png Reddit.jpg 200px-Mastodon Logotype (Simple).svg.png

Have you contributed to Whonix ™? If so, feel free to add your name and highlight what you did on the Whonix ™ authorship page.

https link onion link

This is a wiki. Want to improve this page? Help is welcome and volunteer contributions are happily considered! Read, understand and agree to Conditions for Contributions to Whonix ™, then Edit! Edits are held for moderation. Policy of Whonix Website and Whonix Chat and Policy On Nonfreedom Software applies.

Copyright (C) 2012 - 2021 ENCRYPTED SUPPORT LP. Whonix ™ is a trademark. Whonix ™ is a licensee [archive] of the Open Invention Network [archive]. Unless otherwise noted, the content of this page is copyrighted and licensed under the same Freedom Software license as Whonix ™ itself. (Why?)

The personal opinions of moderators or contributors to the Whonix ™ project do not represent the project as a whole.

Whonix ™ is a derivative of and not affiliated with Debian [archive]. Debian is a registered trademark [archive] owned by Software in the Public Interest, Inc [archive].

Whonix ™ is produced independently from the Tor® [archive] anonymity software and carries no guarantee from The Tor Project [archive] about quality, suitability or anything else.

By using our website, you acknowledge that you have read, understood and agreed to our Privacy Policy, Cookie Policy, Terms of Service, and E-Sign Consent. Whonix ™ is provided by ENCRYPTED SUPPORT LP. See Imprint, Contact.

By using our website, you acknowledge that you have read, understood and agreed to our Privacy Policy, Cookie Policy, Terms of Service, and E-Sign Consent.