checksum fails on current openstack debian 9 image
Hi everyone !
I just downloaded the latest openstack debian 9 image from a debian mirror using :
https://cdimage.debian.org/cdimage/openstack/current-9/debian-9-openstack-amd64.qcow2
I also got the checksum and its signature :
https://cdimage.debian.org/cdimage/openstack/current-9/SHA256SUMS
https://cdimage.debian.org/cdimage/openstack/current-9/SHA256SUMS.sign
checksum's signature is good:
$ gpg --verify SHA256SUMS.sign
gpg: assuming signed data in 'SHA256SUMS'
gpg: Signature made dim. 29 mars 2020 16:40:45 CEST
gpg: using RSA key DF9B9C49EAA9298432589D76DA87E80D6294BE9B
gpg: Good signature from "Debian CD signing key <debian-cd@lists.debian.org>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: DF9B 9C49 EAA9 2984 3258 9D76 DA87 E80D 6294 BE9B
but checksum fails :
$ sha256sum -c SHA256SUMS --ignore-missing
debian-9-openstack-amd64.qcow2: FAILED
sha256sum: WARNING: 1 computed checksum did NOT match
sha256sum: SHA256SUMS: no file was verified
I've try to download a new copy (from the same mirror) but it still fails. The mirror I use is https://caesar.ftp.acc.umu.se/cdimage/openstack/current-9
I couldn't manage to find another mirror to check if this copy only was altered, or all of them.
If anyone could verify that on its side and provide me a mirror that contain a valid image that would be awesome !
Thanks for your help !
Reply to: