Provided by: sq_1.3.1-2_amd64 bug

NAME
       sq-decrypt - Decrypt a message


SYNOPSIS
       sq decrypt [OPTIONS] FILE


DESCRIPTION
       Decrypt a message.

       Decrypt  a  message  using either supplied keys, or by prompting for a password.  If message tampering is
       detected, an error is returned. See below for details.

       If certificates are supplied using the `--signer-file` option, any signatures that are found are  checked
       using these certificates. Verification is only successful if there is no bad signature, and the number of
       successfully verified signatures reaches the threshold configured with the `--signatures` parameter.

       If  the signature verification fails, or if message tampering is detected, the program terminates with an
       exit status indicating failure.  and the output file is deleted.  If the output was sent to stdout,  then
       the  last  25  MiB  of  the message are withheld (consequently, if the message is smaller than 25 MiB, no
       output is produced).

       The converse operation is `sq encrypt`.


OPTIONS
   Subcommand options
       --dump-session-key
              Print the session key to stderr

       --output=FILE
              Write to FILE or stdout if omitted

              [default: -]

       --recipient-file=KEY_FILE
              Decrypt the message using the key in KEY_FILE

       --session-key=SESSION-KEY
              Decrypt an encrypted message using SESSION-KEY

       --signatures=N
              Set the threshold of valid signatures to N

              The message will only be considered verified if this threshold is reached. [default: 1 if at least
              one signer cert file is given, 0 otherwise]

       --signer=FINGERPRINT|KEYID
              Require a signature from a certificate with the specified fingerprint or key ID

       --signer-domain=DOMAIN
              Require a signature from a certificate where a user ID includes an email address for the specified
              domain

       --signer-email=EMAIL
              Require a signature from a certificate where a user ID includes the specified email address

       --signer-file=PATH
              Require a signature from a certificate read from PATH

       --signer-userid=USERID
              Require a signature from a certificate with the specified user ID

        FILE  Read from FILE or stdin if FILE is '-'

              [default: -]

   Global options
       See sq(1) for a description of the global options.


EXAMPLES
       Decrypt a file using a secret key

              sq decrypt --recipient-file juliet-secret.pgp ciphertext.pgp

       Decrypt a file verifying signatures

              sq decrypt --recipient-file juliet-secret.pgp --signer-file \
                     romeo.pgp ciphertext.pgp

       decrypt a file using the key store

              sq decrypt ciphertext.pgp


SEE ALSO
       sq(1).

       For the full documentation see <https://book.sequoia-pgp.org/>.


VERSION
       1.3.1

Sequoia PGP                                           1.3.1                                                SQ(1)