SQ(1)                            User Commands                           SQ(1)

NAME
       sq decrypt - Decrypt a message

SYNOPSIS
       sq decrypt [OPTIONS] FILE

DESCRIPTION
       Decrypt a message.

       Decrypt a message using either supplied keys, or by prompting for a
       password.  If message tampering is detected, an error is returned.  See
       below for details.

       If certificates are supplied using the `--signer-cert` option, any
       signatures that are found are checked using these certificates.
       Verification is only successful if there is no bad signature, and the
       number of successfully verified signatures reaches the threshold
       configured with the `--signatures` parameter.

       If the signature verification fails, or if message tampering is
       detected, the program terminates with an exit status indicating
       failure.  In addition to that, the last 25 MiB of the message are
       withheld, i.e. if the message is smaller than 25 MiB, no output is
       produced, and if it is larger, then the output will be truncated.

       The converse operation is `sq encrypt`.



OPTIONS
   Subcommand options
       --dump-session-key
              Print the session key to stderr

       -n, --signatures=N
              Set the threshold of valid signatures to N. The message will
              only be considered verified if this threshold is reached.
              [default: 1 if at least one signer cert file is given, 0
              otherwise]

       -o, --output=FILE
              Write to FILE or stdout if omitted

              [default: -]

       --private-key-store=KEY_STORE
              Provide parameters for private key store

       --recipient-file=KEY_FILE
              Decrypt the message using the key in KEY_FILE

       --session-key=SESSION-KEY
              Decrypt an encrypted message using SESSION-KEY

       --signer-file=CERT_FILE
              Verify signatures using the certificates in CERT_FILE

        FILE  Read from FILE or stdin if omitted

              [default: -]

   Global options
       See sq(1) for a description of the global options.

EXAMPLES
       Decrypt a file using a secret key

              sq decrypt --recipient-file juliet.pgp ciphertext.pgp



       Decrypt a file verifying signatures

              sq decrypt --recipient-file juliet.pgp --signer-file romeo.pgp \
                     ciphertext.pgp



       Decrypt a file using a password

              sq decrypt ciphertext.pgp

SEE ALSO
       sq(1).

       For the full documentation see <https://book.sequoia-pgp.org>.

VERSION
       0.35.0 (sequoia-openpgp 1.20.0)

Sequoia PGP                         0.35.0                               SQ(1)