Re: the archlinux torrent

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 

I used a flash drive earlier and removed it but now have an /dev/sdb drive
with 8 megs size on the computer that remains after power is shut off when
power is turned on again.  Has anyone had anything like this happen before
and what could cause this?  I downloaded an iso with aria2c earlier and
got the gpg key for that iso and tried verifying the iso with the included
.asc files and got a bad gpg signature returned  on verification.


-- Jude <jdashiel at panix dot com> "There are four boxes to be used in
defense of liberty: soap, ballot, jury, and ammo. Please use in that
order." Ed Howdershelt 1940.

On Thu, 31 Aug 2023, mpan wrote:

>   If the SHA-256 hash agrees, the file did not sustain any damage in transit.
> It does not matter how unreliable your connection is. If the file seen any
> unintentional, random changes, SHA-256 would not agree. The same holds for
> SHA-1, which is checked by torrent clients.⁽¹⁾ Your file is not damaged.
>
>   Hypothetically you may be falling victim to a malicious agent, but the
> picture I see does not put this scenario among most likely explanations of
> your trouble. I absolutely support you wish to do proper security, but I
> believe this will not lead to overcoming the problem.
>
>   To resolve the issue, we need to know, what exactly happens and where. What
> command do you execute, at which stage of the installation (please refer to
> the specific part of the Arch Wiki), what are the errors? “failure to install
> with all manner of python errors before I tried to get the signature and
> verify the disk” is not only letting us understand, what is happening. It is
> making things confusing, because signature verification is done before Arch
> ISO is even used.
>
>   As for errors from `gpg --verify`: is this the actual, exact error message
> gpg printed? If not, in future please do not paraphrase errors: it really
> makes helping harder. I guess you might’ve received an error about gpg not
> being able to open the signature file. Does the file exist?
>
> ____
> ⁽¹⁾ Based on documentation, aria2 seems to disable integrity checks by
> default. I was not aware of this before and imagine astonishment on my face.
> But this does not apply to your case, because of the `-V` option.
>
>
[Index of Archives]     [Linux Wireless]     [Linux Kernel]     [ATH6KL]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [Share Photos]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Samba]     [Device Mapper]

  Powered by Linux