Skip to content
signify ported from OpenBSD
C Roff Other
Branch: master
Clone or download



This is a port of the OpenBSD signify[1] tool that compiles on Linux.  The
sources are minimally modified versions of those that appear in the OpenBSD
release that compile on Linux with the help of libbsd.



Create a new key pair:
      $ signify -G -p -s newkey.sec

Sign a file, specifying a signature name:
      $ signify -S -s key.sec -m message.txt -x msg.sig

Verify a signature, using the default signature name:
      $ signify -V -p -m generalsorders.txt

Verify a release directory containing SHA256.sig and a full set of release files:
      $ signify -C -p /etc/signify/ -x SHA256.sig

Verify a bsd.rd before an upgrade:
      $ signify -C -p /etc/signify/ -x SHA256.sig bsd.rd

To Install

    apt-get install libbsd-dev
    autoreconf -ivf # (only needed if compiling from git, not tarball)
    sudo make install

To Update

    mkdir openbsd
    tar xzf /path/to/OpenBSD/src.tar.gz -C openbsd
    OPENBSD_SOURCE=openbsd ./

This will automatically pull in the source from the OpenBSD source tree and
patch it as necessary.  The update script was built for 6.0 and may need
changes in the future.
You can’t perform that action at this time.