Re: how to verify MD5SUMS.sign ?
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Long Wind wrote:
> i have downloaded jessie CD from:
> http://mirrors.lug.mtu.edu/debian-cd/8.6.0/amd64/iso-cd/
> i know how to verify MD5SUMSbut how to verify MD5SUMS.sign?
> Thanks!
There should be a referenced gpg key somewhere. Quick google shows it as
https://www.debian.org/CD/verify . You'll need one (or all) of the noted
keys, then you can use gpg to verify the sig.
The command
gpg --verify MD5SUMS.sign
should be good enough, assuming the public keys are on your keyring, and
your web-of-trust is sufficient to validate the keys (or you've marked
the keys as trusted in some manner).
That being said, MD5 hashes are considered "weak" these days, and it is
generally recommended to verify with SHA256 hashes instead.
HTH
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQEcBAEBAgAGBQJaOGPvAAoJEI4R3fMSeaKBq5oH/ij1Wrqso8N8EYT2wcxNi6HR
57ZxpAYjJh02p9ywVe7Ymw+jUkyfZlEvHyATLztWplh2G+w1hp/xbr7awAnVjshr
axw6efxC7q5J+HaRj7O3OzpTAW2o6WuwePwoXKl6+WjxSYoGs1u6cMebz4cHwq3I
FmaqfhWUyrKLlOfRrnmbf4yKzzJKuFnz+kIzh+s0rZrzh+5PxfOl56ANavVWjDBq
XYEABwzMnik0TPADGrFpW17rSoOpyuj6vujeIRycrdzie3seH2EWqBMR6BwUL58c
mQlvnW7rT9aSdQf0M0dx40zfV4UB1leUAdVQqrDSmhRns3TEmBJWc4vjqDrTacc=
=X0Me
-----END PGP SIGNATURE-----
--
|_|O|_| Registered Linux user #585947
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: 05CA 9A50 3F2E 1335 4DC5 4AEE 8E11 DDF3 1279 A281
Reply to: