LinuxQuestions.org - file Signatures ?

- Linux - Newbie (https://www.linuxquestions.org/questions/linux-newbie-8/)

- - file Signatures ? (https://www.linuxquestions.org/questions/linux-newbie-8/file-signatures-159909/)

juanb

03-19-2004 02:30 PM

file Signatures ?

Hi !

Some times whan I download a file I see a section "file signature"

something like this:

-------------------------------------------------
CRC32 f9739223
MD5 35c30574f980c99e20a0ad3a2068d93f
SHA 6aed5dfdf9c6e6cec43af7a9a70d499499237c62
HAVAL d93840a89600b03b6b152544c7eee14d

I know that it is used to check the file integrity but how do I use it? how I compare those things with the file after I downloaded it.

thanks very much !!

wapcaplet

03-19-2004 02:55 PM

The most commonly used one in the Linux world is the MD5 one. To use it, open up a terminal/console window and type:

md5sum the_file_you_downloaded

It'll think for a second, then print out a bunch of letters and numbers. Compare it with the "signatures" you have (under MD5) and see if they match. If they are different, the file is corrupted in some way; if they're the same, the file is good.

jschiwal

03-19-2004 03:10 PM

The CRC32 signature will just protect you against transmition errors.
The SHA signature will use the published key of the organization prepairing the file
in determining if the file is authentic.
Read up on Openssl for details.

This website contains information on how to manually load their keys into the rpm database.
http://plf.zarb.org/packages.php

All times are GMT -5. The time now is 12:40 AM.