F12 Live CHECKSUM failing

Richard Shaw hobbes1069 at gmail.com
Thu Dec 17 18:20:31 UTC 2009


On Thu, Dec 17, 2009 at 12:03 PM, Sawrub <luckysharma11 at gmail.com> wrote:
> I downloaded the Fedora-12-x86_64-Live.iso using the torrent client, taking
> the torrent from
> http://torrent.fedoraproject.org/torrents//Fedora-12-x86_64-Live.torrent.
> But the creation of bootable USB was not possible as the iso verification
> failed message came up in the USB creator.
> Verifying the iso following the steps at
> 'https://fedoraproject.org/en/verify' also resulted in vain. Please help me
> so that the b/w does not goes wasted.
>
> [sawrub at mybox Fedora-12-x86_64-Live]$ ll
> total 671756
> -rw-rw-r--  1 sawrub sawrub       966 2009-12-17 22:34
> Fedora-12-x86_64-Live-CHECKSUM
> -rwxr-xr-x. 1 sawrub sawrub 687865856 2009-12-03 00:18
> Fedora-12-x86_64-Live.iso
> -rwxr-xr-x. 1 sawrub sawrub       152 2009-12-02 23:50 README-SOURCES
>
> [sawrub at mybox Fedora-12-x86_64-Live]$ curl
> https://fedoraproject.org/static/fedora.gpg | gpg --import
>  % Total    % Received % Xferd  Average Speed   Time    Time     Time
>  Current
>                                 Dload  Upload   Total   Spent    Left  Speed
> 100  9323  100  9323    0     0   4396      0  0:00:02  0:00:02 --:--:--
>  8696
> gpg: key 4EBFC273: "Fedora (10) <fedora at fedoraproject.org>" not changed
> gpg: key 0B86274E: "Fedora (10 testing) <fedora at fedoraproject.org>" not
> changed
> gpg: key D22E77F2: "Fedora (11) <fedora at fedoraproject.org>" not changed
> gpg: key 57BBCCBA: "Fedora (12) <fedora at fedoraproject.org>" not changed
> gpg: key 217521F6: "Fedora EPEL <epel at fedoraproject.org>" not changed
> gpg: Total number processed: 5
> gpg:              unchanged: 5
>
> [sawrub at mybox Fedora-12-x86_64-Live]$ gpg --verify *-CHECKSUM
> gpg: Signature made Tue 10 Nov 2009 01:26:40 AM IST using RSA key ID
> 57BBCCBA
> gpg: Good signature from "Fedora (12) <fedora at fedoraproject.org>"
> gpg: WARNING: This key is not certified with a trusted signature!
> gpg:          There is no indication that the signature belongs to the
> owner.
> Primary key fingerprint: 6BF1 78D2 8A78 9C74 AC0D  C63B 9D1C C348 57BB CCBA
> [sawrub at mybox Fedora-12-x86_64-Live]$

Well, I'm not going to say that the above is not a problem as I saw
the same thing when using the same steps, however, nothing you have
done so far has anything to do directly with the ISO. That doesn't
happen until you do:

sha256sum *-CHECKSUM

When I actually found very confusing because if you look in the file
the headers shows "SHA1" not "SHA256" and there are commands for both
"sha1sum" and "sha256sum".

Everything you've shown in your email has to do with verifying the
source of the CHECKSUM data, not comparing the CHECKSUM data to the
ISO.

Richard




More information about the fedora-list mailing list