On Sun, Nov 13, 2022 at 11:46:22PM +0300, Gökşin Akdeniz wrote: > Hello, > > 13.11.2022 22:14 tarihinde Thomas George yazdı: > > I want to do a new verified instillation of a debian iso. I have the iso > > and SHA512SUMS.sign.txt and SHHA512SUMS.txt and have tried > > > > gpg --verify SHA512SUMS.sign.txt SHA512SUMS.txt with the result No > > Public Key > > > > Debian public keys are listed on web pages for downloads. Here is the link > for download page with checksums and public keys. > > https://www.debian.org/download > > Keys: > https://cdimage.debian.org/debian-cd/current/amd64/iso-cd/SHA512SUMS.sign > > Checksums: > https://cdimage.debian.org/debian-cd/current/amd64/iso-cd/SHA512SUMS > > > A reference to a step-by-step procedure would be appreciated. > > > > 1. Get GnuPG key info from SHA512SUMS.sign with command "gpg --verify > SHA512SUM.sign SHA512SUMS" > > 2.GnuPG will report for missing keys in keyring. Simply copy GnuPG key id > "DF9B9C49EAA9298432589D76DA87E80D6294BE9B" from output. > > 3 Get public key from Debian Keyservers with command: "gpg --key-server > keyring.debian.org --recv-keys DF9B9C49EAA9298432589D76DA87E80D6294BE9B" > > 4.GnuPG will download the public key. > > 5. Rerun verify command for checksum control: "gpg --verify SHA512SUM.sign > SHA512SUMS" > > 6. GnuPG will report if the SHA512SUMS file signature matches with > SHA512SUM.sign > > 7. If checksum of file is correct, then check the integrity of ISO files.: > "sha512sum debian-11.5.0-amd64-netinst.iso" > > 7.Calculated checksums and SHA512SUMS should match. > > > I hope, it helps.
Mutt crashes trying to open this post (while opening gnupg). That's weird. -H -- Henning Follmann | hfollm...@itcfollmann.com
