Hello, dear Fedora community! I wanna ask you about alt.fedoraproject.org.
- Is alt.fedoraproject.org safe and officially supported by Fedora Project? Are all downloads on alt.fedoraproject.org free and free of charge?
- I have read this on Wikipedia about Fedora (Fedora Linux - Wikipedia) in Alternatives subtitle : In addition, all acceptable licenses for Fedora Linux (including copyright, trademark, and patent licenses) must be applicable not only to Red Hat or Fedora, but also to all recipients downstream. This means that any “Fedora-only” licenses, or licenses with specific terms that Red Hat or Fedora meets but that other recipients would not are not acceptable (and almost certainly non-free, as a result). What that means?
- How can I verify my iso from alt.fedoraproject.org? Can I use same steps like in fedoraproject.org? I mean:
Verify your download for security and integrity using the proper checksum file. If there is a good signature from one of the Fedora keys, and the SHA256 checksum matches, then the download is valid.
- Download the checksum file into the same directory as the image you downloaded.
- Import Fedora’s GPG key(s)
curl -O https://fedoraproject.org/fedora.gpg
- You can verify the details of the GPG key(s) here.
- Verify the checksum file is valid
gpgv --keyring ./fedora.gpg Fedora-Spins-39-1.5-x86_64-CHECKSUM
- Verify the checksum matches
sha256sum -c Fedora-Spins-39-1.5-x86_64-CHECKSUM
If the output states that the file is valid, then it’s ready to use!
Or I should use specific GPG not from https://fedoraproject.org/fedora.gpg