LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices


Reply
  Search this Thread
Old 02-18-2007, 09:40 PM   #1
bostonantifan
Member
 
Registered: May 2006
Location: Leominster, Massachusetts
Distribution: Kubuntu 10.04
Posts: 56

Rep: Reputation: 15
ISO questions


I've downloaded the Fedora 6 core ISO files and plan to burn them to CDs. I've read that I need to check them against the SHA1SUM file which contains the following:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

834fd761b9c0a5dc550d10d97307dac998103a68 FC-6-i386-rescuecd.iso
cc503d99c9d736af9052904a6ab14931b0850078 FC-6-i386-disc1.iso
3051710e6b2f1d17a14ede0ebb74761c29cda954 FC-6-i386-disc2.iso
5357ce21f8766db385b25923216a430b694bca5d FC-6-i386-disc3.iso
d6133ab5ccf19431c14fd2ad85bce03c9834ef87 FC-6-i386-disc4.iso
6722f95b97e5118fa26bafa5b9f622cc7d49530c FC-6-i386-DVD.iso
22327af62d6376916e209b0c4934540e14d5664a FC-6-i386-disc5.iso
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)

iD8DBQFFNo/utEJp0E8qb9IRAsf7AJ9ZqiDlKqJfAh8g5QHyDMmPOzNbTACfbyGw
hB8bkLBT+6ANW6y8iBmlxz8=
=O/Le
-----END PGP SIGNATURE-----

Does anyone (or everyone) know how I can check this? I'm using Windows 2000 to create the cd's. It also says I should run a checksum against the files. I've heard of that, but have no idea how to do it. If someone would explain this to a "newbie", I'd greatly appreciate it....
 
Old 02-18-2007, 10:03 PM   #2
MS3FGX
LQ Guru
 
Registered: Jan 2004
Location: NJ, USA
Distribution: Slackware, Debian
Posts: 5,852

Rep: Reputation: 361Reputation: 361Reputation: 361Reputation: 361
I am not sure as to the exact process, as I never attempted it while actually running Windows. But I imagine the first step would be to download the Windows version of GnuPG. Hopefully things will start to fall into place from there.
 
Old 02-19-2007, 02:06 AM   #3
XavierP
Moderator
 
Registered: Nov 2002
Location: Kent, England
Distribution: Debian Testing
Posts: 19,192
Blog Entries: 4

Rep: Reputation: 475Reputation: 475Reputation: 475Reputation: 475Reputation: 475
It would be far easier to check the md5sum (or checksum), read up on how to do it here: https://www.linuxquestions.org/linux/answers/LQ_ISO
 
Old 02-19-2007, 10:44 AM   #4
AdaHacker
Member
 
Registered: Oct 2001
Location: Brockport, NY
Distribution: Kubuntu
Posts: 384

Rep: Reputation: 32
Quote:
Originally Posted by XavierP
It would be far easier to check the md5sum
I don't know why that would be easier, since it's the same procedure, just with a different hash algorithm. I also don't know how it would help, since the OP apparently only has SHA1 sums.

There's really nothing to this. Just download an SHA1 program for Windows and run it on the ISO image. Look at the SHA1 sum it outputs and compare it to the corresponding SHA1 sum in that file. If the values match, then your ISO image is fine and you can go ahead and burn it. If not, then the ISO is corrupted or has been tampered with.

Incidentally, if you are really concerned about security, you should also check the PGP signature on that SHA1SUM file. If the signature doesn't check out, then you can't trust the SHA1 sums in it to begin with.

Of course, while all this checking is good security practice, it's not a barrier to entry. You can always just assume the ISO if good and burn it. You should go through all these checks, but in reality, many (most?) people just can't be bothered.
 
Old 02-19-2007, 01:09 PM   #5
J.W.
LQ Veteran
 
Registered: Mar 2003
Location: Boise, ID
Distribution: Mint
Posts: 6,642

Rep: Reputation: 87
Note also that when you are trying to install FC6, the first option you get is a "mediacheck", which will verify that the checksums are correct. Verifying the checksums prior to burning is a good idea, but worst case scenario would be that you need to reburn.

FWIW, my experience has shown that burning at a relatively slow speed gives better results than burning at your CD drive's max speed. Good luck with it
 
Old 02-23-2007, 08:49 AM   #6
bostonantifan
Member
 
Registered: May 2006
Location: Leominster, Massachusetts
Distribution: Kubuntu 10.04
Posts: 56

Original Poster
Rep: Reputation: 15
Thanks

Thank you both for the helpful information.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Iomojo camera server iso is not recognized as a viable iso format in K3B. RHLinuxGUY Linux - Distributions 2 06-12-2006 03:02 PM
RHEL CDs: made iso, mounted iso, exported dir - still asks for CD :( guest Linux - Newbie 1 04-08-2005 12:37 PM
ISO questions... LinuxHawk Linux - General 5 11-04-2004 05:26 AM
Does anyone Know how to open either .iso.rz or these .iso.xdelta,.iso.bz2,.iso.lzma?? maximalred Debian 5 06-09-2004 06:15 AM
How do I make procmail recognize ISO encoded subject headers (=?ISO-)? xeza Linux - Software 0 10-06-2003 01:16 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 06:02 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration