Re: signature files

To: debian-user@lists.debian.org
Subject: Re: signature files
From: Camaleón <noelamac@gmail.com>
Date: Wed, 5 Sep 2012 15:20:33 +0000 (UTC)
Message-id: <[🔎] k27qk1$gbk$6@ger.gmane.org>
References: <[🔎] CAHJcRbXmZ0hzoeeQNpUPMz01wcGjaGQEKTZXW7zUfJ33V5CqQg@mail.gmail.com>

On Tue, 04 Sep 2012 20:04:47 -0700, james gray wrote:

(please, no html posts, thanks)

> Question:
> 
> how does a person find the signature files using #md5sumsums

(...)

You usually have to manually check it (though some burning programs 
provide that capability). I mean, you get a file (e.g., file.iso) and 
that files provides a md5sum to ensure what you get is what is uploaded 
in the server with no modifications.

Once you have both things (file.iso and file.md5 or file.sig) you can run 
the command with no arguments (the easiest way): 

md5sum file.iso

Which will output the hash that you can then visually compare with the 
one you already have.

("man md5sum" provides additional info and available options for the 
command and Debian FAQ¹ page also provides more hints)

Anyway, I rarely use "gpg" (more secure, it uses sha512) but 
"md5sum" (less secure but quicker :-P). Some soamples bor both commands 
can be found here².

¹http://www.debian.org/CD/faq/index.en.html#verify
²http://maxgaukler.de/2011/verifying-debian-squeeze-cd-images-from-lenny/

Greetings,

-- 
Camaleón

Reply to:

References:
- signature files
  - From: james gray <kmzftq@gmail.com>

Prev by Date: Re: copying data from a partition with badblocks
Next by Date: Changing email password storage format
Previous by thread: Re: signature files
Next by thread: Re: signature files
Index(es):
- Date
- Thread