Difference between revisions of "Template:Signature verification"

Finnix, the LiveCD for system administrators
Jump to navigation Jump to search
Line 12: Line 12:
 
</pre>
 
</pre>
  
Be sure to explicitly check the reported signature matches Finnix Release Signing Key's OpenPGP signature, '''<tt>8672 79B8 3BF8 E815 A236 D39E 7D6F 85C0 4356 E6C2</tt>'''.<noinclude>
+
Be sure to explicitly check the reported signature matches Finnix Release Signing Key's OpenPGP signature, '''<tt>8672 79B8 3BF8 E815 A236 D39E 7D6F 85C0 4356 E6C2</tt>'''.{{ #if: {{{sha512sum|}}}
 +
 
 +
The following non-signature hashes are also available.  While verifying the OpenPGP signature is preferred, these can be used as lower-trust verification, ''as long as the entire hash is verified''.
 +
 
 +
<pre<includeonly></includeonly>>
 +
{{ #if: {{{sha512sum|}}} {{{sha512sum|}}} {{{filename|finnix.iso}}} (SHA-512) }}
 +
{{ #if: {{{sha256sum|}}} {{{sha256sum|}}} {{{filename|finnix.iso}}} (SHA-256) }}
 +
{{ #if: {{{md5sum|}}} {{{ms5dum|}}} {{{filename|finnix.iso}}} (MD5) }}
 +
</pre>
 +
}}<noinclude>
  
 
[[Category:Finnix templates|S]]</noinclude>
 
[[Category:Finnix templates|S]]</noinclude>

Revision as of 20:32, 8 August 2020

To verify download integrity, please use the provided OpenPGP signature. Download finnix.iso (the main file) and finnix.iso.gpg (the detached signature), then run:

gpg --recv-keys 867279B83BF8E815A236D39E7D6F85C04356E6C2
gpg --verify finnix.iso.gpg finnix.iso

The verification output should look similar to below:

gpg: Signature made using RSA key 867279B83BF8E815A236D39E7D6F85C04356E6C2
gpg: Good signature from "Finnix Release Signing Key <keymaster@finnix.org>"

Be sure to explicitly check the reported signature matches Finnix Release Signing Key's OpenPGP signature, 8672 79B8 3BF8 E815 A236 D39E 7D6F 85C0 4356 E6C2.