NAME¶

skopeo-standalone-verify - Verify an image signature.

SYNOPSIS¶

skopeo standalone-verify manifest docker-reference key-fingerprint signature

DESCRIPTION¶

Verify a signature using local files, digest will be printed on success.

manifest Path to a file containing the image manifest

docker-reference A docker reference expected to identify the image in the signature

key-fingerprint Expected identity of the signing key

signature Path to signature file

Note: If you do use this, make sure that the image can not be changed at the source location between the times of its verification and use.

EXAMPLES¶

$ skopeo standalone-verify busybox-manifest.json registry.example.com/example/busybox 1D8230F6CDB6A06716E414C1DB72F2188BB46CC8  busybox.signature
Signature verified, digest sha256:20bf21ed457b390829cdbeec8795a7bea1626991fda603e0d01b4e7f60427e55

AUTHORS¶

Antonio Murdaca runcom@redhat.com ⟨mailto:runcom@redhat.com⟩, Miloslav Trmac mitr@redhat.com ⟨mailto:mitr@redhat.com⟩, Jhon Honce jhonce@redhat.com ⟨mailto:jhonce@redhat.com⟩

Source file:	skopeo-standalone-verify.1.en.gz (from skopeo 1.2.2+dfsg1-1+b6)
Source last updated:	2021-08-04T20:06:02Z
Converted to HTML:	2023-05-18T15:50:49Z

NAME¶

SYNOPSIS¶

DESCRIPTION¶

EXAMPLES¶

SEE ALSO¶

AUTHORS¶