Verifying Signatures

To check that you have downloaded a legitimate version of Kryptor, you should verify the signatures provided on the Downloads page.


You can download my public key here.

Fingerprint = 8E1ABC56B1DDB353EA7A47186362459399B0E317


  1. Download and install GnuPG.
  2. Download the GPG signature for the Kryptor version you downloaded (found on the Downloads page).
  3. Download the Kryptor public key (link above).
  4. Import the Kryptor public key using the command 'gpg --import [kryptor_signing_key.asc file path]'
  5. Verify the signature using the command 'gpg --verify [signature file path] [Kryptor download file path]'

Note that you must remove the square brackets when running the commands. E.g. gpg --verify

GnuPG should display the message 'Good signature'. If you don't see this message, then your Kryptor download is not legitimate and may be unsafe.