Hello, 13.11.2022 22:14 tarihinde Thomas George yazdı:
I want to do a new verified instillation of a debian iso. I have the iso and SHA512SUMS.sign.txt and SHHA512SUMS.txt and have triedgpg --verify SHA512SUMS.sign.txt SHA512SUMS.txt with the result No Public Key
Debian public keys are listed on web pages for downloads. Here is the link for download page with checksums and public keys.
https://www.debian.org/downloadKeys: https://cdimage.debian.org/debian-cd/current/amd64/iso-cd/SHA512SUMS.sign
Checksums: https://cdimage.debian.org/debian-cd/current/amd64/iso-cd/SHA512SUMS
A reference to a step-by-step procedure would be appreciated.
1. Get GnuPG key info from SHA512SUMS.sign with command "gpg --verify SHA512SUM.sign SHA512SUMS"
2.GnuPG will report for missing keys in keyring. Simply copy GnuPG key id "DF9B9C49EAA9298432589D76DA87E80D6294BE9B" from output.
3 Get public key from Debian Keyservers with command: "gpg --key-server keyring.debian.org --recv-keys DF9B9C49EAA9298432589D76DA87E80D6294BE9B"
4.GnuPG will download the public key.5. Rerun verify command for checksum control: "gpg --verify SHA512SUM.sign SHA512SUMS"
6. GnuPG will report if the SHA512SUMS file signature matches with SHA512SUM.sign
7. If checksum of file is correct, then check the integrity of ISO files.: "sha512sum debian-11.5.0-amd64-netinst.iso"
7.Calculated checksums and SHA512SUMS should match. I hope, it helps.
Attachment:
OpenPGP_0x648AAD2AAA3BAD5F_and_old_rev.asc
Description: OpenPGP public key
Attachment:
OpenPGP_signature
Description: OpenPGP digital signature