On 18/02/18 20:45, Ray Satiro via Gnupg-users wrote:
> I know for xxx.sig
> files it would strip that extension and then "gpg: assuming signed data
> in xxx"
I'd like to suggest you shouldn't do it anyway. If somebody supplies you a
non-detached signed file with just a subtly different name, the
I downloaded an Ubuntu preview ISO [1] recently along with its hash and
signature, SHA256SUMS and SHA256SUMS.gpg. I expected to be able to do this:
gpg --verify SHA256SUMS.gpg
gpg: no signed data
gpg: can't hash datafile: No data
Instead I have to do this:
gpg --verify SHA256SUMS.gpg SHA256SUMS
