With a tremendous volume of news, take a look at the number of search results that come back for anything pertaining to detached signatures and you would think there is no such thing.
Surf the web and you will always find varying answers.
On a cleanly setup Debian 13.2 Trixie-Devel I can’t even a terminal response to
Super fluent with the terminal. Meticulously make all keys only via terminal. Website is outdated: I will volunteer to modernize it.
Wondering if anyone had solutions I have yet to try. THANK YOU, ALL.
gpg (GnuPG) 2.5.14libgcrypt 1.11.2Copyright (C) 2025 g10 Code GmbHLicense GNU GPL-3.0-or-later https://gnu.org/licenses/gpl.htmlThis is free software: you are free to change and redistribute it.There is NO WARRANTY, to the extent permitted by law.
Home: /home/\____\_/.gnupgSupported algorithms:Pubkey: RSA, Kyber, ELG, DSA, ECDH, ECDSA, EDDSACipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,CAMELLIA128, CAMELLIA192, CAMELLIA256Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224Compression: Uncompressed, ZIP, ZLIB, BZIP2
Syntax: gpg \[options\] \[files\]Sign, check, encrypt or decryptDefault operation depends on the input data
Commands:
\-s, --sign make a signature–clear-sign make a clear text signature-b, --detach-sign make a detached signature
Various sites, various answers, all failures.
Make a detached signature
To create a separate signature file to be distributed separately from the document or file itself, use the --detach-sig flag:
$ gpg --output doc.sig --detach-sig doc
Here the signature is stored in doc.sig, but the contents of doc are not stored in it. This method is often used in distributing software projects to allow users to verify that the program has not been modified by a third party.
Any help would be appreciated. Thank you.