Difference between revisions of "Template:Signature verification"

Finnix, the LiveCD for system administrators
Jump to navigation Jump to search
(Created page with "To verify download integrity, please use the provided OpenPGP signature. Download the ISO and signature (ending in <tt>.gpg</tt>) files, and run: <pre<includeonly></includeo...")
 
Line 1: Line 1:
To verify download integrity, please use the provided OpenPGP signature.  Download the ISO and signature (ending in <tt>.gpg</tt>) files, and run:
+
To verify download integrity, please use the provided OpenPGP signature.  Download <tt>{{{filename|finnix.iso}}}</tt> (the main file) and <tt>{{{filename|finnix.iso}}}.gpg</tt> (the detached signature), then run:
  
 
<pre<includeonly></includeonly>>
 
<pre<includeonly></includeonly>>

Revision as of 03:52, 29 May 2020

To verify download integrity, please use the provided OpenPGP signature. Download finnix.iso (the main file) and finnix.iso.gpg (the detached signature), then run:

gpg --recv-keys 867279B83BF8E815A236D39E7D6F85C04356E6C2
gpg --verify finnix.iso.gpg finnix.iso

The verification output should look similar to below:

gpg: Signature made using RSA key 867279B83BF8E815A236D39E7D6F85C04356E6C2
gpg: Good signature from "Finnix Release Signing Key <keymaster@finnix.org>"

Be sure to explicitly check the reported signature matches Finnix Release Signing Key's OpenPGP signature, 8672 79B8 3BF8 E815 A236 D39E 7D6F 85C0 4356 E6C2.