diff options
| author | filip <filip.komar@gmail.com> | 2016-05-15 22:23:30 +0200 |
|---|---|---|
| committer | filip <filip.komar@gmail.com> | 2016-05-15 22:23:30 +0200 |
| commit | 28bce0ac703d14465da57d579af90341f90b043c (patch) | |
| tree | b17a66303ae708b11e4253907369cf6a40256d45 /en/downloads/get | |
| parent | 8710f94c9f038c81e9ad89a0a2a20cc693247a96 (diff) | |
| download | www-28bce0ac703d14465da57d579af90341f90b043c.tar www-28bce0ac703d14465da57d579af90341f90b043c.tar.gz www-28bce0ac703d14465da57d579af90341f90b043c.tar.bz2 www-28bce0ac703d14465da57d579af90341f90b043c.tar.xz www-28bce0ac703d14465da57d579af90341f90b043c.zip | |
adding a gpg test to the DL page
Diffstat (limited to 'en/downloads/get')
| -rw-r--r-- | en/downloads/get/index.php | 29 |
1 files changed, 27 insertions, 2 deletions
diff --git a/en/downloads/get/index.php b/en/downloads/get/index.php index 21e9bed86..1e1a286fe 100644 --- a/en/downloads/get/index.php +++ b/en/downloads/get/index.php @@ -235,8 +235,33 @@ if (array_key_exists('sha512', $product)) { } ?> </pre> - <p><?php _g('If checksums do not match, <strong>DO NOT use this ISO</strong>. Double-check and try to download again.'); ?></p> - <!-- TODO (rda): add direct download links to checksum and signature files as a backup. --> +<p><?php _g('If checksums do not match, <strong>DO NOT use this ISO</strong>. Double-check and try to download again.'); ?></p> +<p><?php _g('You can also verify the signature of an ISO.', null, ' '); +_g('First you need to import the key from a MIT PGP Public Key Server:'); ?></p> +<pre class="term"> +$ gpg --keyserver pgp.mit.edu --recv-keys EDCA7A90 +</pre> +<p><?php _g('In response there should be one of the following lines:'); ?></p> +<pre class="term"> +gpg: key EDCA7A90: public key "Mageia Release <release@mageia.org>" imported + +<?php _g('or if you already imported the key before:'); echo PHP_EOL; ?> + +gpg: key EDCA7A90: "Mageia Release <release@mageia.org>" not changed +</pre> +<p><?php _g('Then you need to verify the signature for the ISO.'); ?></p> +<pre class="term"> +$ gpg --verify /your/download/location/<?php echo basename($download); ?>.md5.gpg +</pre> +<p><?php _g('In response there should be a lines like:'); ?></p> +<pre class="term"> +gpg: Good signature from "Mageia Release <release@mageia.org>" +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: B210 76A0 CBE4 D93D 66A9 D08D 835E 41F4 EDCA 7A90 +</pre> +<p><?php _g('The warning about uncertified signature is expected.'); ?></p> +<!-- TODO (rda): add direct download links to checksum and signature files as a backup. --> </div> <?php endif; ?> <p><?php |