On 13/12/13 12:41, Ralf Mardorf wrote: > On Fri, 2013-12-13 at 12:27 +1100, Scott Ferguson wrote: >> - you can also use the installer to self-check. > > If it's compromised a self-check could be done compared with what ever > source.
I don't understand what you are trying to say. > >> I'm guessing you should read the FAQ (link is top-right of that page >> [*2]) if that's over your head. > > There's no explanation where the checksum files can be found. The iso > does include a md5sum.txt and nothing else. There simply is no file for > comparison. Huh? You can download the key from the same location as you download the iso. *Or* you can use the one on the iso:- $ ls -x autorun.inf [BOOT] css dists doc firmware g2ldr g2ldr.mbr install install.386 isolinux *md5sum.txt* pics pool README.html README.mirrors.html README.mirrors.txt README.source README.txt setup.exe tools win32-loader.ini (emphasis mine) > >> Paragraph 3: Check the appropriate signature.Here's a list of keys that >> have been used, the same ones are in the debian keyring package. > > Keys for what? Signing the image (context Ralph, context). For a MD5SSUMS.sign file? The iso doesn't include such a > file. I at least can't find it. I'd suggest you *read* the references I posted, then if you've still got questions... :) You may also find the man files for the three sum checking tools I posted informative. > > Regards, > Ralf > > Kind regards -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/52aa6b99.3020...@gmail.com
