Bsign – Embed and verify secure hashes and digital signatures

Sponsored Link
The goal purpose of bsign is to verify and authenticate data files,especially executables and other binaries.The program reads all of the options and FILENAMES from the command ine and then begins to operate on the input files. In one invocation in can only one of either hash files, sign files, check hashes, or check signatures.

At present, it only works with the ELF (Execution and Link Format) files used by several flavors of UN*X including GNU/Linux, and it only supports gpg for creating and verifying signatures. It embeds a secure hash of the file contents in the file and optionally signs this hash value.Any change in the file contents will be easily discovered.Either the hash value does not match the file contents, the hash is absent, the signature (optional) of the hash value is invalid, ir the signature (optional) is absent.

Install bsign on ubuntu

Open the terminal and run the following command

sudo apt-get install bsign

Using bsign

Bsign Syntax

bsign [ options | FILENAMES ]

Bsign Examples

Rewrite file with a hash

sudo bsign --hash file

Verify the hash in file

sudo bsign --check-hash file

Rewrite file with a hash and sign it with the default secret key in keydir

sudo bsign --sign file -P "--homedir keydir"

Verify the hash and signature in file using the key in keydir

sudo bsign --verify file -P "--homedir keydir"

Sign the unsigned files in the whole filesystem

sudo bsign --sign -i / -e /proc -I -s --P "--homedir keydir"

Verify signatures for all files in the filesystem and only report those that have been tampered or are unsigned.

sudo bsign --verify -i / -e /proc -I -G --P "--homedir keydir"

Sponsored Link

Related posts

Leave a comment

Your email address will not be published. Required fields are marked *