Fix live image integrity check

"gpg SHA512SUMS.sign" would do the right thing only if the file actually
contained a detached signature.

Use explicit and robust "gpg --verify SHA512SUMS.sign SHA512SUMS"
instead.
This commit is contained in:
Jakub Wilk 2018-09-18 21:45:05 +02:00
parent 27bef99239
commit d7a14b078c
1 changed files with 1 additions and 1 deletions

View File

@ -72,7 +72,7 @@ $ curl -LfO https://cdimage.debian.org/debian-cd/current-live/amd64/iso-hybrid/S
$ !!.sign $ !!.sign
$ gpg SHA512SUMS.sign $ gpg --verify SHA512SUMS.sign SHA512SUMS
[...] [...]
gpg: Good signature from "Debian CD signing key <debian-cd@lists.debian.org>" [unknown] gpg: Good signature from "Debian CD signing key <debian-cd@lists.debian.org>" [unknown]
[...] [...]