[ubuntu-studio-devel] https://
Ralf Mardorf
ralf.mardorf at alice-dsl.net
Mon Jun 5 09:54:33 UTC 2017
On Fri, 2 Jun 2017 07:22:20 -0700 (PDT), Len Ovens wrote:
>On Fri, 2 Jun 2017, Ralf Mardorf wrote:
>
>> I attached a script to download 64 bit architecture Ubuntu desktop
>> flavours, with an automatic check against signed checksums.
>>
>> After making the script executable running
>>
>> ./luamd64_1610.sh ubuntustudio 16.10
>> ./luamd64_1610.sh ubuntustudio 17.04
>
>zsync also auto checks against the checksums, with the added benefit
>it will only download the chunks you don't already have. It does
>require the url of the zsync file though, so less easy to use.
Hi Len,
thank you. Too funny, there's a page that doesn't exist:
https://wiki.ubuntu.com/ZsyncCdImage
But there's e.g. this page
http://www.ubuntubuzz.com/2017/03/downloading-gnulinux-with-zsync.html
or https://help.ubuntu.com/community/ZsyncCdImage .
I didn't read them, just searched for (signed) "checksum" without
success.
I didn't read the results of
https://www.google.de/?gws_rd=ssl#q=zsync+checksum .
Does it only check against the checksum or does it also check the
checksum against the signature?
Note, my script downloads the Ubuntu public keys and checks if the
checksums are valid, before it checks the ISO against the appropriate
checksum.
The script is from 2016-10-27, so downloading the keys _might_ (but I
don't think so) require an update.
[rocketmouse at archlinux ~]$ cat luamd64_1610.sh
#snip#
key gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys FBB75451 EFE21092
key gpg --list-keys --with-fingerprint FBB75451 EFE21092
key gpg --verify SHA256SUMS.gpg SHA256SUMS
#snip]#
sha256sum -c SHA256SUMS 2>&1 | grep OK
status=$?
if [ $status -ne 0 ]; then
echo "$flavour-$iso-amd64.iso: Validation failed"
fi
echo
exit $status
Regards,
Ralf
More information about the ubuntu-studio-devel
mailing list