Please hep me verify my Fedora 37 ISO image

Hello, I’m trying to follow this procedure and using Ubuntu 20.04 to try to verify the Fedora 37 Image I downloaded.

I copied the ISO to my USB drive and put the USB drive in my Laptop Running Ubuntu 20.04. I also downloaded the appropriate Checksum for the Workstation Image I downloaded and copied that to my USB with the image file>

After following the procedure it appears to be a valid image but I’d like to confirm if this is expected?

/media/EASEUSBOOT$ sha256sum -c *-CHECKSUM

Fedora-Workstation-Live-x86_64-37-1.7.iso: OK
sha256sum: WARNING: 19 lines are improperly formatted

1 Like

Yes, it is expected. Fedora-Workstation-Live-x86_64-37-1.7.iso: OK means that file’s integrity is verified.

1 Like

The improperly formatted lines are the OpenPGP signature that is embed in the file.

2 Likes

To avoid warning, I send the output of the verification step to stdout and pipe that into the checksum command:

curl -O https://getfedora.org/static/fedora.gpg
curl -O https://getfedora.org/static/checksums/37/iso/Fedora-Workstation-37-1.7-x86_64-CHECKSUM
gpgv --keyring ./fedora.gpg --output - Fedora-Workstation-37-1.7-x86_64-CHECKSUM | sha256sum -c

Result (no warning present):

gpgv: Signature made Thu 10 Nov 2022 09:56:12 AM HST
gpgv:                using RSA key ACB5EE4E831C74BB7C168D27F55AD3FB5323552A
gpgv: Good signature from "Fedora (37) <fedora-37-primary@fedoraproject.org>"
Fedora-Workstation-Live-x86_64-37-1.7.iso: OK
2 Likes