The instructions that we give about how to verify an iso using the provided gpg files are wrong. Thanks to lebarhon for making me aware of the problem. We only let users check the signature of the gpg file, but do _not_ let them check whether the checksums in the gpg files match the checksums of the iso. Someone can replace the iso and replace the unsigned checksum files so they match the corrupt iso. If he leaves the original gpg files untouched, a user won't notice someone messed with the iso because we only tell them how to check that the gpg files are signed by "Mageia Release <release@mageia.org>", we do not tell how to use the signed content! What we should tell them to do is e.g., after downloading all files for the Mageia-6-LiveDVD-Xfce-i586-DVD.iso http://www.mageia.org/en/downloads/get/?q=Mageia-6-LiveDVD-Xfce-i586-DVD.iso : to run: sha512sum Mageia-6-LiveDVD-Xfce-i586-DVD.iso gpg2 -d Mageia-6-LiveDVD-Xfce-i586-DVD.iso.sha512.gpg etc. That way, in the "gpg2 -d" output, first the correct checksum is given and after that the signature is verified. So, if I first calculate the md5sum and then issue the gpg2 command, it is easy to see that the iso is good: $ md5sum Mageia-6-LiveDVD-Xfce-i586-DVD.iso 911088471ddc24bc2d92084e19cec534 Mageia-6-LiveDVD-Xfce-i586-DVD.iso $ gpg2 -d Mageia-6-LiveDVD-Xfce-i586-DVD.iso.md5.gpg 911088471ddc24bc2d92084e19cec534 Mageia-6-LiveDVD-Xfce-i586-DVD.iso gpg: Signature made za 15 jul 2017 16:46:59 CEST gpg: using RSA key 835E41F4EDCA7A90 gpg: Good signature from "Mageia Release <release@mageia.org>" [unknown] gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: B210 76A0 CBE4 D93D 66A9 D08D 835E 41F4 EDCA 7A90 [marja@localhost Mageia-6-LiveDVD-Xfce-i586-DVD]$ I think sha512 should be used to check isos instead of md5, but using the latter as example is easier ;-)
CC'ing docteam, in case there is wiki or calenco documentation that needs to be improved for this.
CC: (none) => doc-bugs
Note that checking the sig file overwrites the sum file with a validly signed copy of the sum file. The sum files are only included to allow people to check for a bad download by verifying the sum, if they choose to skip the gpg verification. The way to compare the sum file to what's in the iso image is using the appropriate sum command with the -c option ... [dave@x3 Mageia-6-LiveDVD-Xfce-i586-DVD]$ gpg Mageia-6-LiveDVD-Xfce-i586-DVD.iso.sha512.gpg File `Mageia-6-LiveDVD-Xfce-i586-DVD.iso.sha512' exists. Overwrite? (y/N) y gpg: Signature made 2017-07-15T10:46:59 EDT using RSA key ID EDCA7A90 gpg: Good signature from "Mageia Release <release@mageia.org>" gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: B210 76A0 CBE4 D93D 66A9 D08D 835E 41F4 EDCA 7A90 [dave@x3 Mageia-6-LiveDVD-Xfce-i586-DVD]$ sha512sum -c Mageia-6-LiveDVD-Xfce-i586-DVD.iso.sha512 Mageia-6-LiveDVD-Xfce-i586-DVD.iso: OK
CC: (none) => davidwhodgins
There are two levels of protection available. To avoid a man in the middle attack, where someone modifies the files on the server where they are being downloaded from, use the gpg file to obtain a signed copy of the sum file. The gpg key 0xEDCA7A90 can be obtained from any of the pgp key servers. (we should add a copy to our website). Checking the sig file produces a validly signed copy of the sum file. If you are only worried about a bad download, and not a man in the middle attack, the sum file can be downloaded from the same site as the iso file instead of using the copy produced by checking the gpg signed file. Then use the appropriate sum command (md5sum, sha1sum, sha512sum) with the -c option to compare the value from the sum file with the value calculated by reading the downloaded copy of the iso file.
Should also add, that while there are known ways to alter a file such that the md5 value will still match, it's probably good enough for verifying that there wasn't a bad download, though it should only be used if the files are being checked in a system where that's the only option available to check. For the truly paranoid, use the signed files for all three checksums. While there are ways to pass an altered file for md5, and probably sha1, passing all of md5 and sha1 and sha512 is as close to impossible as we can make it.
(In reply to Dave Hodgins from comment #3) > The gpg key 0xEDCA7A90 can be obtained from any of the pgp key servers. How? > (we should add a copy to our website). I can do it but besides above question I need minimum gpg setup procedure for this purpose.
CC: (none) => filip.komar
The various pgp/gpg gui utilities provide key server specification and search options, though that will vary depending on the gui used. Using the command line, ... $ gpg --keyserver hkp://pool.sks-keyservers.net --recv-keys 0xEDCA7A90 gpg: requesting key EDCA7A90 from hkp server pool.sks-keyservers.net gpg: key EDCA7A90: "Mageia Release <release@mageia.org>" not changed gpg: Total number processed: 1 gpg: unchanged: 1 The above will import the signing key to your local keyring, if not already present. It also overrides the default key server to use, if one has already been set. For getting started with using gpg for the first time, we should link to a site like https://gnupg.org/gph/en/manual/c14.html
I'm not up-to-date on what's available for windows or mac users for working with pgp or gpg (pgp is the original software, now owned by symantec) https://www.symantec.com/products/desktop-email-encryption while gpg is the open source version).
(In reply to Dave Hodgins from comment #3) > (we should add a copy to our website). Is file exported with the command bellow the proper one for our web site? $ gpg --armor --export release@mageia.org I tried this procedure bellow but I'm unsure what to add on the DL page (http://www.mageia.org/en/downloads/get/?q=Mageia-6-LiveDVD-Xfce-i586-DVD.iso&d=1) as it seems almost the same? Note that adding the &d=1 on the end of url prevent to really DL the requested file. ************************************************************************ Procedure for checking the integrity of ISO file in Linux: 1A) First you need to import the signing key to your local keyring, if not already present: [user@localhost Mageia-6-LiveDVD-Xfce-i586-DVD]$ gpg --keyserver hkps://keys.niif.hu --recv-keys 0xEDCA7A90 gpg: requesting key EDCA7A90 from hkp server keys.niif.hu gpg: key EDCA7A90: public key "Mageia Release <release@mageia.org>" imported gpg: no ultimately trusted keys found gpg: Total number processed: 1 gpg: imported: 1 (RSA: 1) 1B) or if key is already imported: [user@localhost Mageia-6-LiveDVD-Xfce-i586-DVD]$ gpg --keyserver hkps://keys.niif.hu --recv-keys 0xEDCA7A90 gpg: requesting key EDCA7A90 from hkps server keys.niif.hu gpg: key EDCA7A90: "Mageia Release <release@mageia.org>" not changed gpg: Total number processed: 1 gpg: unchanged: 1 2) Then you can generate signature file (the one with gpg extension) for yourself. You can choose some other filename if you want. [user@localhost Mageia-6-LiveDVD-Xfce-i586-DVD]$ gpg Mageia-6-LiveDVD-Xfce-i586-DVD.iso.sha512.gpg File `Mageia-6-LiveDVD-Xfce-i586-DVD.iso.sha512' exists. Overwrite? (y/N) y gpg: Signature made sob 15 jul 2017 16:46:59 CEST using RSA key ID EDCA7A90 gpg: Good signature from "Mageia Release <release@mageia.org>" gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: B210 76A0 CBE4 D93D 66A9 D08D 835E 41F4 EDCA 7A90 3) Finally checking the ISO file itself with generated signature file: [user@localhost Mageia-6-LiveDVD-Xfce-i586-DVD]$ sha512sum -c Mageia-6-LiveDVD-Xfce-i586-DVD.iso.sha512 Mageia-6-LiveDVD-Xfce-i586-DVD.iso: OK Windows, Mac and some other operating systems users please see https://www.gnupg.org/download/ ************************************************************************ Maybe last sentence?
URL: http://www.mageia.org/en/downloads/get/?q=Mageia-6-LiveDVD-Xfce-i586-DVD.iso => http://www.mageia.org/en/downloads/get/?q=Mageia-6-LiveDVD-Xfce-i586-DVD.iso&d=1
(In reply to Filip Komar from comment #8) > (In reply to Dave Hodgins from comment #3) > > (we should add a copy to our website). > Is file exported with the command bellow the proper one for our web site? > $ gpg --armor --export release@mageia.org Almost ... [dave@x3 ~]$ gpg --armor --export release@mageia.org > test.gpg [dave@x3 ~]$ gpg test.gpg pub 4096R/DA10B483 2011-03-08 Mageia Release <release@mageia.org> pub 4096R/EDCA7A90 2012-04-18 Mageia Release <release@mageia.org> That includes the old release key (never expired/revoked as the private key was lost), as well as the new one. [dave@x3 ~]$ gpg --armor --export EDCA7A90>test.gpg [dave@x3 ~]$ gpg test.gpg pub 4096R/EDCA7A90 2012-04-18 Mageia Release <release@mageia.org> That will extract just the currently used release key. > I tried this procedure bellow but I'm unsure what to add on the DL page > (http://www.mageia.org/en/downloads/get/?q=Mageia-6-LiveDVD-Xfce-i586-DVD. > iso&d=1) as it seems almost the same? > > Note that adding the &d=1 on the end of url prevent to really DL the > requested file. > > ************************************************************************ > Procedure for checking the integrity of ISO file in Linux: > 1A) First you need to import the signing key to your local keyring, if not > already present: > [user@localhost Mageia-6-LiveDVD-Xfce-i586-DVD]$ gpg --keyserver > hkps://keys.niif.hu --recv-keys 0xEDCA7A90 > gpg: requesting key EDCA7A90 from hkp server keys.niif.hu > gpg: key EDCA7A90: public key "Mageia Release <release@mageia.org>" imported > gpg: no ultimately trusted keys found > gpg: Total number processed: 1 > gpg: imported: 1 (RSA: 1) > > 1B) or if key is already imported: > [user@localhost Mageia-6-LiveDVD-Xfce-i586-DVD]$ gpg --keyserver > hkps://keys.niif.hu --recv-keys 0xEDCA7A90 > gpg: requesting key EDCA7A90 from hkps server keys.niif.hu > gpg: key EDCA7A90: "Mageia Release <release@mageia.org>" not changed > gpg: Total number processed: 1 > gpg: unchanged: 1 > > > 2) Then you can generate signature file (the one with gpg extension) for > yourself. You can choose some other filename if you want. The above should be ... 2) Then you can extract the checksum file from the signed copy of the checksum file (the one with gpg extension). > [user@localhost Mageia-6-LiveDVD-Xfce-i586-DVD]$ gpg > Mageia-6-LiveDVD-Xfce-i586-DVD.iso.sha512.gpg > File `Mageia-6-LiveDVD-Xfce-i586-DVD.iso.sha512' exists. Overwrite? (y/N) y > gpg: Signature made sob 15 jul 2017 16:46:59 CEST using RSA key ID EDCA7A90 > gpg: Good signature from "Mageia Release <release@mageia.org>" > gpg: WARNING: This key is not certified with a trusted signature! > gpg: There is no indication that the signature belongs to the owner. > Primary key fingerprint: B210 76A0 CBE4 D93D 66A9 D08D 835E 41F4 EDCA 7A90 > 3) Finally checking the ISO file itself with generated signature file: > [user@localhost Mageia-6-LiveDVD-Xfce-i586-DVD]$ sha512sum -c > Mageia-6-LiveDVD-Xfce-i586-DVD.iso.sha512 > Mageia-6-LiveDVD-Xfce-i586-DVD.iso: OK > > Windows, Mac and some other operating systems users please see > https://www.gnupg.org/download/ > ************************************************************************ If you are only interested in verifying the download did not corrupt the iso file, and not worried about a man in the middle attack, you can skip steps 1 and 2, and just verify the checksum using the downloaded .sha512 file in step 3. If the checksum verification in step 3 does not show "OK", you should discard the downloaded file and re-download the iso file from another site.
IIUC this is already fixed on web page: https://www.mageia.org/en/downloads/get/?q=Mageia-7.1-i586.iso&d=1 Please reopen if needed.
Status: NEW => RESOLVEDResolution: (none) => FIXED