Project

General

Profile

action #114112

Verify that images are signed

Added by lkocman 7 months ago.

Status:
New
Priority:
Normal
Assignee:
-
Target version:
Start date:
2022-07-19
Due date:
% Done:

0%

Estimated time:

Description

  • We no longer have to rename isos, nor sign them manually.

  • Verify that isos are signed with openSUSE key

check that we have signature for checksum files eg:

e.g. openSUSE-Leap-15.4-DVD-x86_64-Media.iso.sha256.asc

Check that the build number is not part of -Media*sha256 files

$ cat openSUSE-Leap-15.4-DVD-x86_64-Media.iso.sha256

4683345f242397c7fd7d89a50731a120ffd60a24460e21d2634e783b3c169695

openSUSE-Leap-15.4-DVD-x86_64-Media.iso

Check the signature of the .asc files

gpg: Signature made Mon 30 May 2022 07:05:44 PM CEST

gpg: using RSA key B88B2FD43DBDC284

Also available in: Atom PDF