Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Often we get a software from a source, with another files (.md5, sha etc...) How this works?
No idea what you're asking, about what software, from what source, and we can't guess as to your question. Can you clarify??? The things you mention in the 'etc.' are typically checksums...how to check them depends on what the sum is, and typically the sender will tell you what to run to verify the archive.
"No idea" doesn't make sense. You got it.
for example https://imgur.com/a/ECHKfQD
no dialog or more instructions.
I just want to use my PC, and eventually work with that but i'm almost giving it up (because you 'no idea' exists)! Not for prouding
Thanks
"No idea" doesn't make sense. You got it. for example https://imgur.com/a/ECHKfQD
no dialog or more instructions. I just want to use my PC, and eventually work with that but i'm almost giving it up (because you 'no idea' exists)! Not for prouding
And you are still not asking a clear question. You are still not providing any details, such as what version/distro of Linux, where you're getting this software, etc. Posting a screen shot of a web page doesn't tell anyone, anything.
Tells you what to type in. Again, you need to ask a clear question and provide details. If you're downloading things on Windows/Mac, these instructions probably won't work, and you'll need to do something else. And we can't help you since you DO NOT TELL US anything.
A "checksum," usually SHA1 or MD5, is an arithmetic calculation which is designed to detect the slightest change in a file. If even one bit has been altered, the checksum will be completely different.
A "cryptographic digital signature" is slightly different. Here, the checksum is wrapped in an encrypted payload that can be decrypted using a readily-available public key. This payload can only be generated by a possessor of the corresponding private key, which is secret.
When you verify a "signed" package, the software first decrypts the signature payload – and finds that it can successfully do so. (Which necessarily means that it was prepared by a holder of that secret private key.) Then, it verifies the checksum that is contained within that payload. This is evidence that the package contents are, indeed, exactly the same as what the signer originally vouched for, and that you know who signed it.
Now, strictly speaking, there are still clever ways that a clever nasty-person could trick you. ("Nasty-persons" are remarkably clever and resourceful ...) But it is acceptably unlikely.
All software-update processes used for Linux use digitally-signed packages, and from time to time the set of public keys are also updated. Most conventional software installers, and many applications, are also signed, and the operating system can be set to refuse to launch any application that isn't signed by a known source.
Last edited by sundialsvcs; 05-27-2022 at 11:13 AM.
I usually do not check the downloaded files, especially if it is an ISO file. I almost never had a failed download, at least I do not remember. Also I prefer to download from a torrent file if that exists because the download is checked and correct. Life is simple sometimes.
You could also ask these questions in a single thread, as it makes it more easy for you and for the ones who answer to you, since it is basically the same subject/goal to be achieved.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.