Signature verification
I have downloaded Mageia 4 and it says that after downloading I should verify the signatures. I burned the ISO to a DVD and explored that but no luck. Please could someone tell me how I verify a signature. This must be basic stuff but it stumped me.
|
Where are there instructions that tell you to verify the signatures? I went to the Mageia 4 downloads page and they don't say anything about signatures. When I download the torrent file there is no signature files bundled with it (only hash checksums). Usually, when software is signed it is using PGP/GPG or S/MIME. Share your source. Help me help you.
|
The following is the page from Mageia:
Your download of Mageia 4.1 64bit DVD should start within a few seconds (download size is about 3.5 GB). If the download does not start, click here. This mageia.mirror.garr.it download mirror is located in Roma, Italia (IT). If it does not work well for you, check out these other mirrors. As soon as your download is complete, you should check that the signatures match: $ md5sum Mageia-4.1-x86_64-DVD.iso c1e996006ee03356e827dcfd02b060a7 $ sha1sum Mageia-4.1-x86_64-DVD.iso 3a257f7748f11ab725eff98b7d5160c68bd2aa65 If signatures do not match, DO NOT use this ISO. Double-check and try to download again. This only turns up after clicking the download button. Thanks for you help. |
Quote:
Simply open a terminal (shell, command line, whatever your terminology may be) and cd into the same directory where you downloaded the iso file, then type either of the commands shown... Code:
md5sum Mageia-4.1-x86_64-DVD.iso It is sufficient to check either the md5sum or the sha1sum. They will both be correct or they will both be incorrect. |
Quote:
|
Quote:
And you can check whether the hash match exactly instead of matching with your eyes you can do in a shell: Code:
if [ "hash1" == "hash2" ]; then echo OK; else echo FAIL; fi |
I am not a torrent user, but that sounds like a very useful idea!
Quote:
But even copy/paste is relatively a lot of trouble to compare the checksums. In reality it is sufficient to simply compare the first few and last few characters which can be done with a quick look. It would be exceedingly rare to have more than 4-5 leading characters match for a corrupted iso. The difference in the checksums is not proportional to the amount of difference in the files. Even a single bit of difference will radically alter the checksum. |
Quote:
|
Ah! You are correct.
I find that my old, but hopefully good habits, sometimes become confused with strict requirements of the languages. But still, a lot of trouble to go to for checksum comparison. |
Thanks for your replies!
|
All times are GMT -5. The time now is 12:45 PM. |