I downloaded the minimal CD iso. Where can I find a PGP signed page of SHA256 or SHA512 hashes for verification?
It says at https://www.debian.org/CD/verify: "Cryptographically strong checksum algorithms (SHA256 and SHA512) are available for every releases"
Where? I downloaded from here (https://www.debian.org/CD/netinst/) and cannot find a PGP signed page of hashes.
Scheduled Maintenance: We are aware of an issue with Google, AOL, and Yahoo services as email providers which are blocking new registrations. We are trying to fix the issue and we have several internal and external support tickets in process to resolve the issue. Please see: viewtopic.php?t=158230
Where are the hashes for verification of download?
Re: Where are the hashes for verification of download?
It's in the folder containing the image. e.g.:
https://cdimage.debian.org/debian-cd/cu ... 64/iso-cd/
https://cdimage.debian.org/debian-cd/cu ... 64/iso-cd/
Re: Where are the hashes for verification of download?
I clicked the link to download the ISO at this page: https://www.debian.org/CD/netinst/. An ISO was downloaded to my desktop (no folder). Which folder are your referring?orythem27 wrote:It's in the folder containing the image. e.g.:
https://cdimage.debian.org/debian-cd/cu ... 64/iso-cd/
How does one find the hashes from where I downloaded the ISO? Or is there no way?
Re: Where are the hashes for verification of download?
It's not obvious, so I thinks it's normal that you are unable to find it at first glance. Right click the download link ("amd64/i386/..."), select "Copy link address", open a new tab, paste the link, and remove the file name to enter the parent folder.kcbagr wrote:I clicked the link to download the ISO at this page: https://www.debian.org/CD/netinst/ ... How does one find the hashes from where I downloaded the ISO?
There might be a better way though. I, too, could not find an obvious link to the hashes on that page. Maybe we are both blind...
Re: Where are the hashes for verification of download?
Okay. Debian's setup for finding the hashes is not helpful for noobs :0orythem27 wrote:It's not obvious, so I thinks it's normal that you are unable to find it at first glance. Right click the download link ("amd64/i386/..."), select "Copy link address", open a new tab, paste the link, and remove the file name to enter the parent folder.kcbagr wrote:I clicked the link to download the ISO at this page: https://www.debian.org/CD/netinst/ ... How does one find the hashes from where I downloaded the ISO?
There might be a better way though. I, too, could not find an obvious link to the hashes on that page. Maybe we are both blind...
Your technique works, though. thanks!
Re: Where are the hashes for verification of download?
Thumbs up for your safety awareness on insisting to verify the downloaded image. Although reminded again and again, to this day, I still don't bother checking hashes most of the time. So, shame on me, maybe you wouldn't trust me as an iOS developer. 
Re: Where are the hashes for verification of download?
You definitely should verifyorythem27 wrote:Thumbs up for your safety awareness on insisting to verify the downloaded image. Although reminded again and again, to this day, I still don't bother checking hashes most of the time. So, shame on me, maybe you wouldn't trust me as an iOS developer.
It's clear that governments are actively trying to compromise people's OSes, which leads to everyone's insecurity.