Quote:
Originally Posted by vinayaka_c
How to digitally sign the binaries (executable files) is linux.
& how to verify them at the receiver side.
|
There are various ways - GnuPG is one, as mentioned.
Quote:
Originally Posted by vinayaka_c
What file needs to be transferred for sender to receiver.
|
Normally you provide the binary itself, plus a signed
digest of the binary. A crypto signature is approximately the size of the binary itself. This is impractical for large files (which is why you'd sign the digest).
Quote:
Originally Posted by vinayaka_c
I tried with openssl dgst command. but not getting exact idea on how to do it.
|
You're halfway there...
Quote:
Originally Posted by vinayaka_c
is it that digitally signed certificates (.pem) files should be there for signing? . is it that sender signs it with his private key (.pem file) & receiver verifies it with senders public key ( .pem file) ?
how it is ? please suggest how to proceed on this on linux ?
|
You sign with the private key. Recipient verifies with the corresponding public key. This is not unique to GNU/Linux, but is a standard protocol.