gpg

encrypt file

gpg -c <filename>

decrypt file

gpg <filename>.gpg

clearsign message

gpg --default-key <key_id> -o <output_file> --clearsign <input_file>

ref

[https://www.linuxbabe.com/security/verify-pgp-signature-software-downloads-linux] [https://unix.stackexchange.com/questions/288933/unable-to-verify-the-kernel-signature-gpg-cant-check-signature-public-key-no]

red hat verify

[https://access.redhat.com/articles/3530471]