Chksum validation failed

euklidoid · November 8, 2024, 10:08am

got chksum issue, dl source direct and sourceforce.

❯ sha256sum cachyos-desktop-linux-241003.iso
77c4ba835cf9b896efcd2b35f30b808d251fc96448d1cb69724a28ac4f64b00c cachyos-desktop-linux-241003.iso
❯ sha256sum cachyos-desktop-linux-241003.iso.sha256
f1e3445c2bef198315d9095f39b93f42301064addc15f82191e2aa7036d6dfdb cachyos-desktop-linux-241003.iso.sha256
❯ sha256sum -c cachyos-desktop-linux-241003.iso
sha256sum: WARNING: 10217929 lines are improperly formatted
❯ sha256sum -c cachyos-desktop-linux-241003.iso.sha256
cachyos-desktop-linux-241003.iso: OK

advice?

thanks

altman · November 8, 2024, 10:13am

Welcome aboard, hope that this can be of any help @euklidoid

euklidoid · November 8, 2024, 10:19am

thanks for coming back so quickly. I’ll go through.

altman · November 8, 2024, 10:19am

No problem @euklidoid

It just happend that I was in the forum, some other members could ve done the same.

I would try to download again, sometimes sh!t happens somehow, then see if it still persists.

euklidoid · November 8, 2024, 10:32am

I going to re -download. since the last step outcome is not a good one

❯ gpg --verify cachyos-desktop-linux-241003.iso.sig cachyos-desktop-linux-241003.iso
gpg: Signatur vom Do  3 Okt 20:56:25 2024 CEST
gpg:                mittels RSA-Schlüssel 882DCFE48E2051D48E2562ABF3B607488DB35A47
gpg: Korrekte Signatur von "CachyOS <admin@cachyos.org>" [unbekannt]
gpg: WARNUNG: Dieser Schlüssel trägt keine vertrauenswürdige Signatur!
gpg:          Es gibt keinen Hinweis, daß die Signatur wirklich dem vorgeblichen Besitzer gehört.
Haupt-Fingerabdruck  = 882D CFE4 8E20 51D4 8E25  62AB F3B6 0748 8DB3 5A47

But I cant say if I have a source mix like dl from sourceforce and sig from cachy.org, cuz I had also issue with cachy.org dl to get the usb-stick imaged or more likly outdated balenaE, so I dl the iso from sourceforce. Anyway I’ll give another shot with fresh dls.

altman · November 8, 2024, 11:05am

Well , maybe the site s down for maintenance @euklidoid

euklidoid · November 8, 2024, 11:07am

this time I dl’ed from mirror, but sorry to report, my issue persits, or is this a good signature? looks like on your wiki page, but this warning irritates…Am I good to go?

░▒▓   ~   11:42 
❯ shasum -a 256 -c cachyos-desktop-linux-241003.iso.sha1
cachyos-desktop-linux-241003.iso: OK

░▒▓   ~   11:59 
❯ gpg --keyserver hkps://keys.openpgp.org --recv-key F3B607488DB35A47
gpg: key F3B607488DB35A47: "CachyOS <admin@cachyos.org>" not changed
gpg: Total number processed: 1
gpg:              unchanged: 1

░▒▓   ~   12:00 
❯ gpg --verify cachyos-desktop-linux-241003.iso.sig cachyos-desktop-linux-241003.iso
gpg: Signature made Thu Oct  3 20:56:25 2024 CEST
gpg:                using RSA key 882DCFE48E2051D48E2562ABF3B607488DB35A47
gpg: Good signature from "CachyOS <admin@cachyos.org>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: 882D CFE4 8E20 51D4 8E25  62AB F3B6 0748 8DB3 5A47

hotte · November 8, 2024, 11:21am

don’t know where you see a problem ?

looks ok

euklidoid · November 8, 2024, 11:22am

this warning here [quote=“euklidoid, post:7, topic:4063”]
WARNING: This key is not certified with a trusted signature!
[/quote] that irritates me.
than lets give a try…if you hear a boom than it was me lol

hotte · November 8, 2024, 11:24am

this doesn’t mean something very important

try cachy and enjoy it

ptr1337 · November 8, 2024, 8:15pm

The gpg is fine, thats whats intended. You would need to import our pub key first, but as long the RSA fits, then is fine.