Fix live image integrity check
"gpg SHA512SUMS.sign" would do the right thing only if the file actually contained a detached signature. Use explicit and robust "gpg --verify SHA512SUMS.sign SHA512SUMS" instead.
This commit is contained in:
parent
27bef99239
commit
d7a14b078c
|
@ -72,7 +72,7 @@ $ curl -LfO https://cdimage.debian.org/debian-cd/current-live/amd64/iso-hybrid/S
|
||||||
|
|
||||||
$ !!.sign
|
$ !!.sign
|
||||||
|
|
||||||
$ gpg SHA512SUMS.sign
|
$ gpg --verify SHA512SUMS.sign SHA512SUMS
|
||||||
[...]
|
[...]
|
||||||
gpg: Good signature from "Debian CD signing key <debian-cd@lists.debian.org>" [unknown]
|
gpg: Good signature from "Debian CD signing key <debian-cd@lists.debian.org>" [unknown]
|
||||||
[...]
|
[...]
|
||||||
|
|
Loading…
Reference in New Issue