Verifying file is correct and safe
I wish to download a file. Next to the download link, it displays the below MD5 hash along with a "signature" link which provides the below PGP signature. Three questions
Thanks! Code:
MD5: c766aced5129a6f644992af125cdd4fc Code:
GnuPG Signature of MySQL-5.6.12-1.el6.i686.rpm-bundle.tar |
1. Create a file with 'echo "c766aced5129a6f644992af125cdd4fc MySQL-5.6.12-1.el6.i686.rpm-bundle.tar" > MySQL-5.6.12-1.el6.i686.rpm-bundle.tar.md5'. Then you can do 'md5sum -c MySQL-5.6.12-1.el6.i686.rpm-bundle.tar.md5' which will return the filename and OK after a successful check.
2. MD5 is no longer considered secure, but is still useful for checking for an uncorrupted download. 3. Copy the signature into a file MySQL-5.6.12-1.el6.i686.rpm-bundle.tar.asc and then do 'gpg2 --verify MySQL-5.6.12-1.el6.i686.rpm-bundle.tar.asc'. Note:- You will need to install the PGP key from the supplier before this using a command like 'gpg2 --import <keyfile>' or 'gpg2 --fetchkeys <URI>'. |
All times are GMT -5. The time now is 11:09 PM. |