[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: F12 Live CHECKSUM failing



On 12/17/2009 10:20 AM, Richard Shaw wrote:
On Thu, Dec 17, 2009 at 12:03 PM, Sawrub<luckysharma11 gmail com>  wrote:
I downloaded the Fedora-12-x86_64-Live.iso using the torrent client, taking
the torrent from
http://torrent.fedoraproject.org/torrents//Fedora-12-x86_64-Live.torrent.
But the creation of bootable USB was not possible as the iso verification
failed message came up in the USB creator.
Verifying the iso following the steps at
'https://fedoraproject.org/en/verify' also resulted in vain. Please help me
so that the b/w does not goes wasted.

[sawrub mybox Fedora-12-x86_64-Live]$ ll
total 671756
-rw-rw-r--  1 sawrub sawrub       966 2009-12-17 22:34
Fedora-12-x86_64-Live-CHECKSUM
-rwxr-xr-x. 1 sawrub sawrub 687865856 2009-12-03 00:18
Fedora-12-x86_64-Live.iso
-rwxr-xr-x. 1 sawrub sawrub       152 2009-12-02 23:50 README-SOURCES

[sawrub mybox Fedora-12-x86_64-Live]$ curl
https://fedoraproject.org/static/fedora.gpg | gpg --import
  % Total    % Received % Xferd  Average Speed   Time    Time     Time
  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100  9323  100  9323    0     0   4396      0  0:00:02  0:00:02 --:--:--
  8696
gpg: key 4EBFC273: "Fedora (10)<fedora fedoraproject org>" not changed
gpg: key 0B86274E: "Fedora (10 testing)<fedora fedoraproject org>" not
changed
gpg: key D22E77F2: "Fedora (11)<fedora fedoraproject org>" not changed
gpg: key 57BBCCBA: "Fedora (12)<fedora fedoraproject org>" not changed
gpg: key 217521F6: "Fedora EPEL<epel fedoraproject org>" not changed
gpg: Total number processed: 5
gpg:              unchanged: 5

[sawrub mybox Fedora-12-x86_64-Live]$ gpg --verify *-CHECKSUM
gpg: Signature made Tue 10 Nov 2009 01:26:40 AM IST using RSA key ID
57BBCCBA
gpg: Good signature from "Fedora (12)<fedora fedoraproject org>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the
owner.
Primary key fingerprint: 6BF1 78D2 8A78 9C74 AC0D  C63B 9D1C C348 57BB CCBA
[sawrub mybox Fedora-12-x86_64-Live]$

Well, I'm not going to say that the above is not a problem as I saw
the same thing when using the same steps, however, nothing you have
done so far has anything to do directly with the ISO. That doesn't
happen until you do:

sha256sum *-CHECKSUM

When I actually found very confusing because if you look in the file
the headers shows "SHA1" not "SHA256" and there are commands for both
"sha1sum" and "sha256sum".

This has been discussed before on the list.

The header indicates that the checksum file _itself_ was signed with an
SHA1 checksum.  The checksums _inside_ the checksum file are the SHA256
checksums of the various .iso images.
----------------------------------------------------------------------
- Rick Stevens, Systems Engineer                      ricks nerd com -
- AIM/Skype: therps2        ICQ: 22643734            Yahoo: origrps2 -
-                                                                    -
-           Blech!  ACKth!  Ooop!  -- Bill the Cat (Outland)         -
----------------------------------------------------------------------


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]