ROOTSIGN(8) - Linux man page online | Administration and privileged commands

Cryptographically sign standard input with a private/public keypair unique to the local root user.

19 July 2011
rootsign(8) bootmail rootsign(8)


rootsign - cryptographically sign standard input with a private/public keypair unique to the local root user


rootsign is a program that operates on standard input, cryptographically signing it with a private/public keypair only accessible by the local root user, and outputting the result on standard out, suitable for piping to mail(1). A new key will be generated on first use, and is written to /var/lib/root‐ sign/$ for import by other users into their keyring, in order to verify sig‐ natures. This tool is used by bootmail(8) to sign messages, but could easily be used by others. rootsign can optionally encrypt the message as well, by setting the recipient's gpg(1) key id in the RECIPIENT_KEYID variable in I/etc/bootmail/gpg.conf.


/etc/bootmail/gpg.conf, /var/lib/rootsign/*


gpg(1), bootmail(8), mail(1)


This manpage and the utility were written by Dustin Kirkland <> for Ubuntu systems (but may be used by others). Permission is granted to copy, distribute and/or modify this document and the utility under the terms of the GNU General Public License, Version 3 published by the Free Software Foundation. The complete text of the GNU General Public License can be found in /usr/share/common- licenses/GPL on Debian/Ubuntu systems, or on the web at
bootmail 19 July 2011 rootsign(8)
This manual Reference Other manuals
rootsign(8) referred by bootmail(8)
refer to bootmail(8) | gpg(1)
Download raw manual
Index bootmail (+2) bootmail (+2) № 8 (+5755)
Go top