Nic_bne wrote:. . .
Fetch a key
Once you know the key's ID, just ask the server for it:
$ gpg --keyserver keyring.debian.org --recv-keys 0x673A03E4C1DB921F
So, again, perhaps I'm missing something, but where do I find the key ID?
I remember trying to figure this out the first time also and it was because I didn't realize the keys where right in front of me LoL.
Also they don't make it very clear on what to do they just say download the keyring, heres the fingerprints now go verify it.(unless all this time I have been missing something)
Type this into your terminal exactly how it is.
- Code: Select all
gpg --keyserver keyring.debian.org --recv-keys 0x673A03E4C1DB921F
The output should say something like this
pg: key 673A03E4C1DB921F: 378 signatures not checked due to missing keys
gpg: key 673A03E4C1DB921F: "Gunnar Eyal Wolf Iszaevich <gwolf@debian.org>" not changed
gpg: Total number processed: 1
gpg: unchanged: 1
I imagine it says unchanged for me because I already have it and it hasn't been changed since I got it.
You also could possibly get out put that says the key is good but something like
no ultimately trusted keys where found
Which is usually fine it just means fro mmy understanding that your gpg doesn't recognize the key because it hasn't seen it before(something like that I think)
And the rest Ican't seem to find how to do it with GPG which in my opinion would be ther better option.
However if you jsut want to check the SHASUMS
I bet you missed the link on the download page (just like I did the first time)right above the dvd image that says 512 or 256.sign or sums.
That is the file you want to compare against the iso you have.
https://www.debian.org/CD/faq/#verify
Is the link you want.
I suggest using the script they are talking about it makes it easy.
Unless someone comes by and corrects me because it is outdated or something idk I use it and it works.
You need to be in the same directory that you downloaded them to.
- Code: Select all
./check_debian_iso.sh SHA512SUMS <nameofISO>
So mine was
- Code: Select all
./check_debian_iso.sh SHA512SUMS debian-10.0.0-amd64-DVD-1.iso
This is the output it just gave me(I needed a new iso anyway the one i had is from before the release.
SHA512SUMS debian-10.0.0-amd64-DVD-1.iso
Piping 1875968 blocks of 'debian-10.0.0-amd64-DVD-1.iso' through 'sha512sum'
to verify checksum list item 'debian-10.0.0-amd64-DVD-1.iso'.
1875968+0 records in
1875968+0 records out
3841982464 bytes (3.8 GB, 3.6 GiB) copied, 69.3563 s, 55.4 MB/s
Ok: 'debian-10.0.0-amd64-DVD-1.iso' matches 'debian-10.0.0-amd64-DVD-1.iso' in 'SHA512SUMS'
Says that it matches.