checking .iso-s ...

Iulian_B · 07-29-2002, 03:34 AM

Hi,
Recently, I've downloaded RH7.3 in .iso format, plus a file with checksums, from a mirror.
The checksums file is listed below:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

a91011f1c6b5f331d120d33ee5898d95 valhalla-i386-disc1.iso
422948492b984060b21923d11febb422 valhalla-i386-disc2.iso
505a73bac591882c14c80bfe452cd757 valhalla-i386-disc3.iso
9fc872b4dca927dfd86b80cba4da4814 valhalla-SRPMS-disc1.iso
88f1e7b2187402e29fe1377a1209f42b valhalla-SRPMS-disc2.iso
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE9D/FiIZGAzdtCpg4RArXMAJ4rw2UCNZMr83jcV8kRUYLwpXsfhgCdG7TS
+hvICnw/3FAFPcbZ9Loc0R4=
=8W2V
-----END PGP SIGNATURE-----

The download was done under Win :-(.
Each checksum line is identical to its correspondent from www.linuxiso.org

I checked the .iso-s with md5sum (or a port of it) both under linux and Win.
Now I am a little bit confused:
- under linux, the md5sum -c md5sum.txt command returned nothing: does that mean it is OK?
- under Win, md5summer.exe make another signature, different from the one in the md5sum.txt file: why?

And now, my problem: since the 1st CD works fine (well, I did not run the whole process, just verified the booting), what means: Hash: SHA1? Was the checksum generated based on SHA1 algorithm?
Is the linux result of md5sum checking correct?

Thank you all

Mik · 07-29-2002, 04:05 AM

Well the linux version should output something. It should display something like this for each file:
filename: OK

If it's not valid or the file doesn't exist it will give an error message.
The SHA1 is probably the algoritm used to calculate the PGP signature. Because MD5 is used to calculate the checksum.
I don't know why the windows version gives you a different checksum. If it's a proper port and the file hasn't modified then it should give you exactly the same.

Iulian_B · 07-29-2002, 04:22 AM

Thank you, Mik.
Finally (I'm ashamed, because this should be the first step) I did a md5sum on the .iso-s.
Well, my checksums don't match the downloaded ones.

Iulian_B · 07-30-2002, 07:03 AM

Hi,
Although the md5 checksums don't match, I'd performed the installation and now I have a new RH7.3.
I still don't know how to "translate" the difference between the checksums.
I.

Mik · 07-30-2002, 07:43 AM

You will get a different checksum if just one bit in the file changes. Usually during an install not all the files are used from the cd so you might have been lucky that all the files you needed where intact. It depends on what is different from the original iso. If it's just a bit that changed in a simple text file it can't do much harm but if it's a bit that caused an executable file to change or an rpm then you could get strange results when installing/running it.