Re: how do I verify that the the checksum is correct?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]


Michael A. Peters wrote:
> But it is always a good idea to verify checksum independent of the
> download agent.
> sha1sum is what Fedora (and I believe the Fedora respins) use.
> There will be a file you can download from Fedora or the respin
> community that has the sha1dum in it. Put it is the same directory
> as the downloaded iso. Then use sha1sum with the checksum file as
> the arguement, and it will verify that what you have is genuine.

Also worth noting is that the SHA1SUM file is signed using GPG (at
least for the official Fedora .isos).  While checking the sha1sum will
assure you that the .iso downloaded completely, only by checking the
GPG signature can you be assured that the .iso is the official one
created by the Fedora project.

Todd        OpenPGP -> KeyID: 0xBEAF0CE3 | URL:
Life is the art of drawing without an eraser.
    -- John Gardner

Attachment: pgpwPQctZyVja.pgp
Description: PGP signature

[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux