美文网首页
【CentOS】如何校验CentOS镜像文件的完整性?

【CentOS】如何校验CentOS镜像文件的完整性?

作者: Bogon | 来源:发表于2023-07-04 07:25 被阅读0次

CentOS
https://www.centos.org/

Download
https://www.centos.org/download/
http://isoredirect.centos.org/centos/7/isos/x86_64/
http://mirrors.aliyun.com/centos/7.9.2009/isos/x86_64/

Validating the Files
https://wiki.centos.org/TipsAndTricks/sha256sum

How to Verify you are Getting CentOS Linux Images, ISOs, or Packages
https://wiki.centos.org/Download/Verify

CentOS GPG Keys
https://www.centos.org/keys/

image.png image.png 
# cat sha256sum.txt

689531cce9cf484378481ae762fae362791a9be078fda10e4f6977bf8fa71350  CentOS-7-x86_64-Everything-2009.iso
b79079ad71cc3c5ceb3561fff348a1b67ee37f71f4cddfec09480d4589c191d6  CentOS-7-x86_64-NetInstall-2009.iso
07b94e6b1a0b0260b94c83d6bb76b26bf7a310dc78d7a9c7432809fb9bc6194a  CentOS-7-x86_64-Minimal-2009.iso
e33d7b1ea7a9e2f38c8f693215dd85254c3a4fe446f93f563279715b68d07987  CentOS-7-x86_64-DVD-2009.iso
4b257cb5418e2ba44064121020dfe457fadaff0d0c597bb2f4e7f7eec4aef58a  CentOS-7-x86_64-DVD-2207-02.iso
f3f83472a24c8ebc66c81b346a743f4000b6b6ddf8c0eb098422d41476873b3b  CentOS-7-x86_64-Everything-2207-02.iso
d68f92f41ab008f94bd89ec4e2403920538c19a7b35b731e770ce24d66be129a  CentOS-7-x86_64-Minimal-2207-02.iso

# cat sha256sum.txt.asc

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

689531cce9cf484378481ae762fae362791a9be078fda10e4f6977bf8fa71350  CentOS-7-x86_64-Everything-2009.iso
b79079ad71cc3c5ceb3561fff348a1b67ee37f71f4cddfec09480d4589c191d6  CentOS-7-x86_64-NetInstall-2009.iso
07b94e6b1a0b0260b94c83d6bb76b26bf7a310dc78d7a9c7432809fb9bc6194a  CentOS-7-x86_64-Minimal-2009.iso
e33d7b1ea7a9e2f38c8f693215dd85254c3a4fe446f93f563279715b68d07987  CentOS-7-x86_64-DVD-2009.iso
4b257cb5418e2ba44064121020dfe457fadaff0d0c597bb2f4e7f7eec4aef58a  CentOS-7-x86_64-DVD-2207-02.iso
f3f83472a24c8ebc66c81b346a743f4000b6b6ddf8c0eb098422d41476873b3b  CentOS-7-x86_64-Everything-2207-02.iso
d68f92f41ab008f94bd89ec4e2403920538c19a7b35b731e770ce24d66be129a  CentOS-7-x86_64-Minimal-2207-02.iso
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBYuwI4STGqKf0qA61AQicpQ//QQE6bVciNw6M7hF/Y4fXLYhZLqaLPn2K
Jx+enbQ7YNviaciwNY+x8VBdGb/HxFC9ZbEWgMg14X7mcUY9GHOqAf9ueLRTicTn
iRK0Zjvr1c3tHAWieiSbSiDpNlE+NJDdqpq8RpQoWfqeyZtJInRdLntXJm0A2coi
Me/JjdsI9olW6ZsQAuOwtAujRvGvbs/ckmkQCFeE4hvRmt+P3o9sjpKJoyeNn9lG
mNmgt5P2my6eqeRYy93c95yoclhE2uxapS6LDgkWioktM2JMsNaWdvBXQWZZIHaQ
RCCyv95N+vlZ7LpiuD5g9SbdojZyullVpipWLirFEn5q1G5a3vvI28N+ZhLDZA4p
DJTJbrrLOeVUHluwoSJzb7Uzlv5QcIiOSHCw3rTtcLTWq0F4I6qVlrIZLYIDOQ5p
tFdU9cc8HMjdW/EMhhC6EZKtazrCHJ/+mXrjagmj1OuczBlmW9TMBsjLcs8Vh9p8
yd9N7eLzC8+sC7yE2zygkNs7KKvhHf3IUFvrNdfvEzeLAxG+nrGQknWWCYPTZbf8
8IcyOxX8ov4RmtpAYLxYnfAM9Q9DwjXJtey1jzLpT5JR0kyYYMYyH75/dWQMuOGI
7/MOyD05MdROPv8/V2BMWOYcr/BrdRILwoM0Eq1MejywaAbTumIzJ4VsCOTEwXhB
CKwCX5v+v2I=
=GS7q
-----END PGP SIGNATURE-----

sha256sum.txt 文件是一个包含文件校验和(checksum)的文本文件。
每行都包含一个文件的校验和以及文件名,用于验证文件的完整性。

sha256sum.txt.asc 文件是对 sha256sum.txt 文件的数字签名文件。
它使用私钥对 sha256sum.txt 文件进行签名,以确保该文件的真实性和完整性。
数字签名可以验证 sha256sum.txt 文件没有被篡改并且是由签名者发布的。

通过使用公钥来验证 sha256sum.txt.asc 文件的签名,可以确保 sha256sum.txt 文件没有被修改过,并且可以信任其中列出的文件校验和。
这样,用户可以使用这些校验和来验证下载的文件是否与原始文件完全一致,以防止文件被损坏或被恶意篡改。

  1. 从CentOS官网获取 CentOS7 的公钥文件
  2. 用gpg工具导入公钥
  3. 用CentOS7公钥文件校验由CentOS7私钥的签名的签名文件sha256sum.txt.asc
#  wget http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-7
#  wget  https://mirrors.aliyun.com/centos/7.9.2009/isos/x86_64/sha256sum.txt.asc
 

在线导入
# gpg --quiet --with-fingerprint  http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-7

从本地CentOS导入
# gpg --quiet --with-fingerprint  /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7

pub  4096R/F4A80EB5 2014-06-23 CentOS-7 Key (CentOS 7 Official Signing Key) <security@centos.org>
      Key fingerprint = 6341 AB27 53D7 8A78 A7C2  7BB1 24C6 A8A7 F4A8 0EB5


# gpg --import /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7

gpg: key F4A80EB5: "CentOS-7 Key (CentOS 7 Official Signing Key) <security@centos.org>" not changed
gpg: Total number processed: 1
gpg:              unchanged: 1


# gpg --verify ./sha256sum.txt.asc

gpg: Signature made Fri 05 Aug 2022 01:58:57 AM CST using RSA key ID F4A80EB5
gpg: Good signature from "CentOS-7 Key (CentOS 7 Official Signing Key) <security@centos.org>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: 6341 AB27 53D7 8A78 A7C2  7BB1 24C6 A8A7 F4A8 0EB5
bfd04c3e12825a2e8f660581c9d6778.png

参考

用sha256sum校验码检测文件完整性
https://www.jianshu.com/p/84d8c1125365

如何使用asc签名文件验证文件?
https://qastack.cn/server/896228/how-to-verify-a-file-using-an-asc-signature-file

相关文章

网友评论

      本文标题:【CentOS】如何校验CentOS镜像文件的完整性?

      本文链接:https://www.haomeiwen.com/subject/qvgqudtx.html

      延伸阅读

      深度阅读

      • 您也可以注册成为美文阅读网的作者,发表您的原创作品、分享您的心情!

      栏目导航

      热点阅读

      关于我们|服务条款|联系我们|【CentOS】如何校验CentOS镜像文件的完整性?|投稿指南|网站地图|RSS订阅|排版工具|手机版

      提供经典美文摘抄,优美散文欣赏,现代诗歌精选,短篇小说,心情随笔,表白情书范文,故事会在线阅读欣赏

      Copyright © 2014-2023 Haomeiwen.com All Rights Reserved. 好美文阅读网 版权所有

      备案信息:桂公网安备 45052102000051号 · 桂ICP备13007215号-3

      本站所收录作品、热点评论等信息部分来源互联网,目的只是为了系统归纳学习和传递资讯

      所有作品版权归原创作者所有,与本站立场无关,如不慎侵犯了你的权益,请联系我们告知,我们将做删除处理!