Hi Charles, OK the gpg key and the MD5SUM file, do I download these from the RH site, or do they already come on my RH 8 distribution disks? WHere on disk or site would they be located? Or is the MD5SUM file the actual file that I am testing against the distribution disks? I read at http://userpages.umbc.edu/~mabzug1/cs/md5/md5.html that MD5 is a more reliable way to test data integrity, if I do MD5 checks is a checksum test redundant? >Depends on how you want to do it. First, import Red Hat's gpg key >(preferred), or add the appropriate command line switch to the rpm >call below to disable gpg key checking. Then get the MD5SUM file and >verify its gpg signature: > >gpg --verify MD5SUM > >Then checksum the image(s): > >md5sum <path> > >where <path> may be your CD-ROM device, such as /mnt/cdrom. > >e.g, for severn: > >cat MD5SUM ; md5sum severn-i386-disc*.iso > > >You should also check individual packages, e.g.: > >find <path> -iname "*.rpm" -exec rpm -K {} \; | grep NOT > >where silence implies acceptance. -- Psyche-list mailing list Psyche-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/psyche-list
