# Signing files

Signing a file can show that it came from you and wasn't modified.

Kryptor will use your signing private key to create a signature file for each file/file in a directory you specify. Sharing the file, signature file, and your **public key** allows other people to verify the signature for that file.

This requires a signing key pair, which can be generated as follows:

```bash
$ kryptor -g

Please select a key pair type (type 1 or 2):
1) Encryption
2) Signing
2

Enter a passphrase (leave empty for a random one):

Retype passphrase:

Deriving encryption key from passphrase...

Public key: Ed//L2CzmImpu9UA6HFjllemS4TVaE84PdTTrTNc5i6gxFU=
Public key file: "C:\Users\samuel-lucas6\.kryptor\signing.public"
​
Private key file: "C:\Users\samuel-lucas6\.kryptor\signing.private" - Keep this secret!

IMPORTANT: Please back up these files to external storage (e.g. memory sticks).
```

Or non-interactively like so:

```bash
$ kryptor -g -s -p:"dy#p}hIJBKSZ*M3b6I)!6iAK@"
```

{% hint style="warning" %}

* You should **back up** the private key file to external storage (e.g. memory sticks).
* **Never** share your **private key** file! Keep it **secret** and **offline**!
  {% endhint %}

You can either share your public key:

* As a string (**easiest**): `Ed//L2CzmImpu9UA6HFjllemS4TVaE84PdTTrTNc5i6gxFU=`
* As a `.public` file (**more long-term**): `~/.kryptor/signing.public`

Before signing, you will be asked to decrypt your private key using your passphrase. For security reasons, this involves a slight delay.

Here's an example of how to use your default signing private key:

```bash
$ kryptor -s file.zip

Enter your private key passphrase:

```

Here's an example of how to use a private key not stored in the [default folder](https://www.kryptor.co.uk/tutorial/generating-a-new-key-pair):

```bash
$ kryptor -s -x:"C:\Users\samuel-lucas6\Documents\signing.private" file.zip

Enter your private key passphrase:

```