Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
IF you prefer / have to be using gpg2 (dpkg -l |grep gnupg2 , if your unsure a return response indicates a gpg2 instance is installed)
then either first do one of the following ( mitn 18 comes with BOTH gpg1.4 and gpg2.1 by default but uses gpg1.4):
$GPG=gpg2
OR
nano ~/.bashrc and ADD this line at the bottom of file and save it.
alias gpg='gpg2 '
If using mint in virgin setup there is NO default keyserver so add --keyserver keyserver.ubuntu.com to below commands.
user@localhost ~ $ gpg --recv-key "27DE B156 44C6 B3CF 3BD7 D291 300F 846B A25B AE09"
gpg: key A25BAE09: public key "Linux Mint ISO Signing Key <root@linuxmint.com>" imported
gpg: marginals needed: 3 completes needed: 1 trust model: PGP
gpg: depth: 0 valid: 3 signed: 6 trust: 0-, 0q, 0n, 0m, 0f, 3u
gpg: depth: 1 valid: 6 signed: 3 trust: 6-, 0q, 0n, 0m, 0f, 0u
gpg: next trustdb check due at 2017-01-01
gpg: Total number processed: 1
gpg: imported: 1
user@localhost~ $ cd ~/Downloads
user@localhost ~/Downloads $ wget https://ftp.heanet.ie/mirrors/linuxmint.com/stable/18/sha256sum.txt https://ftp.heanet.ie/mirrors/linuxmint.com/stable/18/sha256sum.txt.gpg
--2016-07-12 06:53:19-- https://ftp.heanet.ie/mirrors/linuxmint.com/stable/18/sha256sum.txt
Resolving ftp.heanet.ie (ftp.heanet.ie)... 193.1.193.64, 2001:770:18:aa40::c101:c140
Connecting to ftp.heanet.ie (ftp.heanet.ie)|193.1.193.64|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 384 [text/plain]
Saving to: ‘sha256sum.txt’
sha256sum.txt 100%[========================>] 384 --.-KB/s in 0s
2016-07-12 06:53:20 (3.82 MB/s) - ‘sha256sum.txt’ saved [384/384]
--2016-07-12 06:53:20-- https://ftp.heanet.ie/mirrors/linuxmint.com/stable/18/sha256sum.txt.gpg
Reusing existing connection to ftp.heanet.ie:443.
HTTP request sent, awaiting response... 200 OK
Length: 819 [text/plain]
Saving to: ‘sha256sum.txt.gpg’
sha256sum.txt.gpg 100%[========================>] 819 --.-KB/s in 0s
2016-07-12 06:53:20 (7.99 MB/s) - ‘sha256sum.txt.gpg’ saved [819/819]
FINISHED --2016-07-12 06:53:20--
Total wall clock time: 1.4s
Downloaded: 2 files, 1.2K in 0s (5.92 MB/s)
user@localhost ~/Downloads $ gpg --verify sha256sum.txt.gpg sha256sum.txt
gpg: Signature made Thu 30 Jun 2016 07:13:33 AM EDT using RSA key ID A25BAE09
gpg: Good signature from "Linux Mint ISO Signing Key <root@linuxmint.com>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 27DE B156 44C6 B3CF 3BD7 D291 300F 846B A25B AE09
Note: this Warning: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
deals with the fact that the gpg is imported but not set with a trust level yet ( if updating or using a non mint system to download mint and validate the iso this is common, the important part is:
gpg: Signature made Thu 30 Jun 2016 07:13:33 AM EDT using RSA key ID A25BAE09
gpg: Good signature from "Linux Mint ISO Signing Key <root@linuxmint.com>" [unknown]
which indicates that the ISO WAS signed by a valid key known to be used by the intended key holder and that while you have not set a trust level for it locally the file(s) verified with that key above are valid and un-compromised.
user@localhost ~/Downloads $ sha256sum -c sha256sum.txt |grep -Ei 'OK'
linuxmint-18-cinnamon-32bit.iso: OK
linuxmint-18-cinnamon-64bit.iso: OK
linuxmint-18-mate-32bit.iso: OK
linuxmint-18-mate-64bit.iso: OK
Note: if you have only downloaded one or some but not all the isos your output will be longer or shorter accordingly
assuming you DON'T see FAILED: Failed to open or read file you are all set and ready to `burn` your iso to usb or dvd for install.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.