Difference between revisions of "Template:Signature verification"

Finnix, the LiveCD for system administrators
Jump to navigation Jump to search
Line 19: Line 19:
 
{{{sha512sum|}}} {{{filename|finnix.iso}}} (SHA-512) }}{{ #if: {{{sha256sum|}}} |
 
{{{sha512sum|}}} {{{filename|finnix.iso}}} (SHA-512) }}{{ #if: {{{sha256sum|}}} |
 
{{{sha256sum|}}} {{{filename|finnix.iso}}} (SHA-256) }}{{ #if: {{{md5sum|}}} |
 
{{{sha256sum|}}} {{{filename|finnix.iso}}} (SHA-256) }}{{ #if: {{{md5sum|}}} |
{{{ms5dum|}}} {{{filename|finnix.iso}}} (MD5) }}</pre>
+
{{{md5sum|}}} {{{filename|finnix.iso}}} (MD5) }}</pre>
 
}}<noinclude>
 
}}<noinclude>
  
 
[[Category:Finnix templates|S]]</noinclude>
 
[[Category:Finnix templates|S]]</noinclude>

Revision as of 20:38, 8 August 2020

To verify download integrity, please use the provided OpenPGP signature. Download finnix.iso (the main file) and finnix.iso.gpg (the detached signature), then run:

gpg --recv-keys 867279B83BF8E815A236D39E7D6F85C04356E6C2
gpg --verify finnix.iso.gpg finnix.iso

The verification output should look similar to below:

gpg: Signature made using RSA key 867279B83BF8E815A236D39E7D6F85C04356E6C2
gpg: Good signature from "Finnix Release Signing Key <keymaster@finnix.org>"

Be sure to explicitly check the reported signature matches Finnix Release Signing Key's OpenPGP signature, 8672 79B8 3BF8 E815 A236 D39E 7D6F 85C0 4356 E6C2.

The following non-signature hashes are also available. While verifying the OpenPGP signature is preferred, these can be used as lower-trust verification, as long as the entire hash is verified.