On Tue, 2005-02-01 at 18:09 -0800, Richard Hubbell wrote: > I want to download some files from here but I don't see any checksums > or hte like to verify the packages after download. > > http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/i386/ Ideally, you should be using yum instead of downloading individual RPM files. yum verifies the package integrity using GPG encryption keys. RPM will do the same if you import the keys. > Does anyone know where I can find those? They are built-in to the RPM package itself: rpm --checksig somepackage.rpm If you want to verify that the package hasn't been altered you really should import the appropriate GPG keys and verify the GPG signature: http://www.fedorafaq.org/#gpgsig For example: $ rpm --checksig xosd-2.2.12-1.1.fc3.rf.i386.rpm xosd-2.2.12-1.1.fc3.rf.i386.rpm: (sha1) dsa sha1 md5 gpg OK -- David Norris http://www.webaugur.com/dave/ ICQ - 412039
Attachment:
signature.asc
Description: This is a digitally signed message part
