Last active
March 21, 2018 16:59
-
-
Save dbist/bb099248bcdcb56695a5b6bbda872165 to your computer and use it in GitHub Desktop.
verify project signatures
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# import relevant KEYS from project | |
curl https://dist.apache.org/repos/dist/release/accumulo/KEYS | gpg --import | |
# verify signature against downloaded file | |
gpg --verify hbase-thirdparty-2.1.0-src.tar.gz.asc hbase-thirdparty-2.1.0-src.tar.gz | |
# verify sha512 checksum on a file | |
gpg --print-md sha512 hbase-thirdparty-2.1.0-src.tar.gz | diff hbase-thirdparty-2.1.0-src.tar.gz.sha512 - | |
# verify sha512 checksum with case insensitivity but it should work either way (diff -i) | |
gpg --print-md sha512 hbase-thirdparty-2.1.0-src.tar.gz | diff -i hbase-thirdparty-2.1.0-src.tar.gz.sha512 - |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment