DaemonForums  

Go Back   DaemonForums > OpenBSD > OpenBSD Installation and Upgrading

OpenBSD Installation and Upgrading Installing and upgrading OpenBSD.

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 3 Weeks Ago
shep shep is offline
ISO Quartermaster
 
Join Date: May 2008
Location: Dry and Dusty
Posts: 612
Thanked 9 Times in 9 Posts
Default 5.6 sha256sums

I downloaded 5.6 i386 and amd64 install iso on a Fedora box and wanted to check the sha256 hash.

They do not match the sha256 sums on the OpenBSD ftp sites.

For amd64
Quote:
[jsh@Pika amd64]$ sha256sum install56.iso
6b31b724ac4c3b83c668b54d16179cd3ca40901723e2d25670 1da30816a927bf install56.iso
With the following on the ftp.fr.openbsd.org/pub/OpenBSD/5.6/amd64/SHA256
Quote:
SHA256 (install56.iso) = b38e1314b487d0970549fab1ae3ad7617d0d29a7bae52ea968 d1d1d85d6bf433
Could someone either tell me what I'm doing wrong or verify the inconsistency before I report to the mailing lists? I do not want to be the individual yelling Ebola in the movie theater.

With the transition to libressl I'm also looking for the documentation on how to check the hash's in OpenBSD 5.6

Last edited by shep; 3 Weeks Ago at 05:04 PM. Reason: generate sum with libressl
Reply With Quote
  #2   (View Single Post)  
Old 3 Weeks Ago
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 3,823
Thanked 214 Times in 189 Posts
Default

Its a problem with either your file transfer or the local mirror. I get a matching sha256 checksum when I run against the file I just downloaded from http://ftp.openbsd.org.
Reply With Quote
  #3   (View Single Post)  
Old 3 Weeks Ago
shep shep is offline
ISO Quartermaster
 
Join Date: May 2008
Location: Dry and Dusty
Posts: 612
Thanked 9 Times in 9 Posts
Default

@jggimi - thanks

I pulled the file using wget. I'll try lftp on the Fedora box.

I also found a new, clean way to verify the file's hash in OpenBSD >= 5.5 in the new install INSTALL.amd64 here.

Quote:
Verifying the OpenBSD Installation Media:
-----------------------------------------

As of OpenBSD 5.5, installations are able to verify files for the next
release. The OpenBSD 5.6 release was signed with the
/etc/signify/openbsd-56-base.pub release key.

If you have an existing OpenBSD 5.5 or higher installation, you can run
signify(1) to verify the signature and checksum. For example, run the following
to verify that the cd56.iso file was distributed by the OpenBSD team:
signify -C -p /etc/signify/openbsd-56-base.pub -x SHA256.sig cd56.iso

If you are unable to run or compile signify(1), use sha256(1) with the SHA256
file to see if a file was corrupt during the transfer.
Reply With Quote
  #4   (View Single Post)  
Old 3 Weeks Ago
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 3,823
Thanked 214 Times in 189 Posts
Default

Quote:
Originally Posted by shep View Post
..I also found a new, clean way to verify the file's hash...
No, that is much more than a hash comparison. That is a signature validation.
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 04:15 PM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick