HyperWiki

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision 		Previous revision
en:manual:verify_live_images [2017/09/27 01:49]
coadde created 		en:manual:verify_live_images [2024/01/19 14:45] (current)
throgh
Line 1: Line 1:
-//**This page explains how to verify their integrity and authenticity.**//+<note important> **This page explains how to verify their integrity and authenticity.** </note>
  
 ====== Preparation ====== ====== Preparation ======
  
-  - Create a directory called "live_imagein your home directory.+  - Create a directory called **live_image** in your home directory.
   - Move the live image you downloaded in this directory.   - Move the live image you downloaded in this directory.
-  - Download the following files and move them into the "live_imagedirectory.+  - Download the following files and move them into the **live_image** directory.
  
 ===== Hyperbola live image ===== ===== Hyperbola live image =====
Line 13: Line 13:
 ! style="background-color:#eaecf0"  colspan="1" | Description ! style="background-color:#eaecf0"  colspan="1" | Description
 |- |-
-| [[https://repo.hyperbola.info:50000/other/live_images/gnu-plus-linux-libre/hyperbola-2017.07.14/hyperbola-2017.07.14-dual.iso.sha512 | hyperbola-2017.07.14-dual.iso.sha512]]+| [[https://repo.hyperbola.info/other/live_images/gnu-plus-linux-libre/hyperbola-milky-way-latest/hyperbola-milky-way-v0.4.4-dual.iso.sha512 | hyperbola-milky-way-v0.4.4-dual.iso.sha512]]
 | Contains the SHA512 sums to check the integrity of the Hyperbola live image. | Contains the SHA512 sums to check the integrity of the Hyperbola live image.
 |- |-
-| [[https://repo.hyperbola.info:50000/other/live_images/gnu-plus-linux-libre/hyperbola-2017.07.14/hyperbola-2017.07.14-dual.iso.sha512.sig | hyperbola-2017.07.14-dual.iso.sha512.sig]]+| [[https://repo.hyperbola.info/other/live_images/gnu-plus-linux-libre/hyperbola-milky-way-latest/hyperbola-milky-way-v0.4.4-dual.iso.sha512.sig | hyperbola-milky-way-v0.4.4-dual.iso.sha512.sig]]
 | Signed by the Hyperbola team to check the authenticity of the sha512sum file of the Hyperbola live image. | Signed by the Hyperbola team to check the authenticity of the sha512sum file of the Hyperbola live image.
 |} |}
  
-===== Hypertalking live image =====+Your **live_image** directory should now contain 3 files: Your live image and the sha512 file and the signed one, like this:
  
-{| border="0" style="border-collapse:collapse; width: 100%; text-align: center; color:#262627; background-color:#f8f9fa;" +  * hyperbola-milky-way-v0.4.4-dual.iso 
-! style="background-color:#eaecf0"  colspan="1" | File +  hyperbola-milky-way-v0.4.4-dual.iso.sha512 
-! style="background-color:#eaecf0"  colspan="1" | Description +  hyperbola-milky-way-v0.4.4-dual.iso.sha512.sig
-|- +
-| [[https://repo.hyperbola.info:50000/other/live_images/gnu-plus-linux-libre/hypertalking-2017.07.14/hypertalking-2017.07.14-dual.iso.sha512 | hypertalking-2017.07.14-dual.iso.sha512]] +
-| Contains the SHA512 sums to check the integrity of the Hypertalking live image. +
-|- +
-| [[https://repo.hyperbola.info:50000/other/live_images/gnu-plus-linux-libre/hypertalking-2017.07.14/hypertalking-2017.07.14-dual.iso.sha512.sig | hypertalking-2017.07.14-dual.iso.sha512.sig]] +
-| Signed by the Hyperbola team to check the authenticity of the sha512sum file of the Hypertalking live image. +
-|} +
- +
-Your ~/live_image directory should now contain 3 files: Your live image and the sha512 file and the signed one, like this: +
- +
-  hyperbola-2017.07.14-dual.iso +
-  hyperbola-2017.07.14-dual.iso.sha512 +
-  hyperbola-2017.07.14-dual.iso.sha512.sig+
  
 ===== Integrity check ===== ===== Integrity check =====
Line 45: Line 32:
 In most GNU/Linux distributions the SHA512 sum can be generated by opening a terminal and running the following commands: In most GNU/Linux distributions the SHA512 sum can be generated by opening a terminal and running the following commands:
  
-  cd +<code bash> 
-  cd live_image +cd 
-  sha512sum -b *.iso+</code> 
 + 
 +<code bash> 
 +cd live_image 
 +</code> 
 + 
 +<code bash> 
 +sha512sum -b *.iso 
 +</code>
  
 The last command should show you the SHA512 sum of your live file. Compare it to the sha512sum file. If it match, you've successfully verified the integrity of your live image. The last command should show you the SHA512 sum of your live file. Compare it to the sha512sum file. If it match, you've successfully verified the integrity of your live image.
  
-**Note: If you have coreutils version 8.25 or newer, another way of checking the sum is to ask the sha512sum command to check the file against the sha512sum file, like this:**+<note> 
 +If you have <color #620BB9/#EEDDFF>coreutils</color> version 8.25 or newer, another way of checking the sum is to ask the sha512sum command to check the file against the sha512sum file, like this:
  
-  sha512sum -c hyperbola-2017.07.14-dual.iso.sha512+<code bash> 
 +sha512sum -c hyperbola-milky-way-v0.4.4-dual.iso.sha512 
 +</code> 
 +</note>
  
 ===== Authenticity check ===== ===== Authenticity check =====
Line 61: Line 60:
 **Import the Hyperbola signing key:** **Import the Hyperbola signing key:**
  
-  gpg --keyserver pgp.mit.edu --recv-key "684D 54A1 8930 5A9C C954 46D3 6B88 8913 DDB5 9515"+<code bash> 
 +gpg --keyserver keyserver.ubuntu.com --recv-key "C92B AA71 3B8D 53D3 CAE6 3FC9 E697 4752 F970 4456" 
 +</code> 
 + 
 +<note> 
 +If gpg complains about the key ID, try the following commands instead: 
 + 
 +<code bash> 
 +gpg --keyserver keyserver.ubuntu.com --recv-key F9704456 
 +</code>
  
-Note: If gpg complains about the key ID, try the following commands instead:+<code bash> 
 +gpg --list-key --with-fingerprint F9704456 
 +</code>
  
-  gpg --keyserver pgp.mit.edu --recv-key DDB59515+Check the output of the last command, to make sure the fingerprint is **C92B AA71 3B8D 53D3 CAE6 3FC9 E697 4752 F970 4456**. 
 +</note>
  
-  gpg --list-key --with-fingerprint DDB59515+**Verify the authenticity of the sha512sum file, like this:**
  
-Check the output of the last command, to make sure the fingerprint is 684D 54A1 8930 5A9C C954 46D3 6B88 8913 DDB5 9515.+<code bash> 
 +cd 
 +</code>
  
-**Verify the authenticity of he sha512sum file, like this:**+<code bash> 
 +cd live_image 
 +</code>
  
-  cd +<code bash> 
-  cd live_image +gpg --verify hyperbola-milky-way-v0.4.4-dual.iso.sha512.sig 
-  gpg --verify hyperbola-2017.07.14-dual.iso.sha512.sig+</code>
  
-The output of the last command should tell you that the file signature is 'good' and that it was signed with the following key: **DDB59515**.+The output of the last command should tell you that the file signature is 'good' and that it was signed with the following key: **F9704456**.
  
 ===== Acknowledgement ===== ===== Acknowledgement =====
  
 This wiki article is based on **Mint's download page**. We may have removed non-[[https://www.gnu.org/philosophy/free-system-distribution-guidelines.html|FSDG]] bits from it. This wiki article is based on **Mint's download page**. We may have removed non-[[https://www.gnu.org/philosophy/free-system-distribution-guidelines.html|FSDG]] bits from it.