3.2. Verifying the downloaded release
来源:互联网 发布:安卓windows桌面 编辑:程序博客网 时间:2024/05/21 19:32
3.2. Verifying the downloaded release
There are a number of mechanisms to check the authenticity and validity of a downloaded release.
3.2.1. Getting the KEYS
To enable you to verify the GPG signature, you will need to download theKEYS file.
You next need to import those keys, which you can do by running:
#
gpg
--import KEYS
3.2.2. GPG
The CloudStack project provides a detached GPG signature of the release. To check the signature, run the following command:
$
gpg
--verify apache-cloudstack-4.0.0-incubating-src.tar.bz2.asc
If the signature is valid you will see a line of output that contains 'Good signature'.
3.2.3. MD5
In addition to the cryptographic signature, CloudStack has an MD5 checksum that you can use to verify the download matches the release. You can verify this hash by executing the following command:
$
gpg
--print-md MD5 apache-cloudstack-4.0.0-incubating-src.tar.bz2 |diff
- apache-cloudstack-4.0.0-incubating-src.tar.bz2.md5
If this successfully completes you should see no output. If there is any output from them, then there is a difference between the hash you generated locally and the hash that has been pulled from the server.
3.2.4. SHA512
In addition to the MD5 hash, the CloudStack project provides a SHA512 cryptographic hash to aid in assurance of the validity of the downloaded release. You can verify this hash by executing the following command:
$
gpg
--print-md SHA512 apache-cloudstack-4.0.0-incubating-src.tar.bz2 |diff
- apache-cloudstack-4.0.0-incubating-src.tar.bz2.sha
If this command successfully completes you should see no output. If there is any output from them, then there is a difference between the hash you generated locally and the hash that has been pulled from the server.
0 0
- 3.2. Verifying the downloaded release
- Verifying the Signature of a PE File
- Verifying the Signature of a PE File
- Signing a Hash and Verifying the Hash Signature
- MSDN原文例子:Verifying the Signature of a PE File
- androi-Verifying App Behavior on the Android Runtime (ART)
- {errMsg: "chooseWXPay:fail, the permission value is offline verifying"}
- How to make 9-patch image downloaded from the Network
- Android API Guides---Verifying App Behavior on the Android Runtime (ART)
- 微信接口 output {"errMsg":"translateVoice:fail, the permission value is offline verifying"}
- Surviving the Release Version
- Surviving the Release Version
- 3.1. Getting the release
- release the temptation
- The Release Process
- What To Do Once You've Downloaded A Module From The CPAN
- 分析PMT changed for the ROM:it must be downloaded.升级失败。
- Verifying a Signature
- 常用的uboot的bootargs设置
- 準備用作Table Scroll到最下時加載更多資料到TableView
- 黑马程序员——java基础学习(集合)
- jqgrid 点击父表行时 打开子表(subgrid)
- CodeWarrior 编译程序连接有误
- 3.2. Verifying the downloaded release
- 世界时区英文缩写一览表
- 弹出拟态对话框步骤
- 正则表达式30分钟入门教程
- 如何在Excel中添加单元格菜单选项
- 计算机何中常用的函数及一些精度的简单处理
- thinkphp树形菜单
- JAVA中采用相对路径读取文件
- 我为什么喜欢编程?