===== Verify ISO/IMG image =====

==== Basic way ====

=== Linux host ===

Sparky iso image should be downloaded from one of the official servers only. Use links from the download page only: [[https://sparkylinux.org/download|https://sparkylinux.org/download]] to make sure they are official.

Download the AllSums.txt file too, which features control sums of the ISO/IMG image:
   * md5sum
   * sha1
   * sha256
   * sha512

To verify Sparky ISO/IMG image, run one of the command, using a terminal emulator, in the download folder:
   md5sum sparkylinux-<version>-<arch>-<edition>.iso
   sha1sum sparkylinux-<version>-<arch>-<edition>.iso
   sha256sum sparkylinux-<version>-<arch>-<edition>.iso
   sha512sum sparkylinux-<version>-<arch>-<edition>.iso
   
For example:
   md5sum sparkylinux-4.2-x86_64-kde.iso
   364569cc931c1b8e4b5d17b978be85a6  sparkylinux-4.2-x86_64-kde.iso

To verify Sparky iso image compare the output sum with the sum provided by the AllSums.txt file

==== Signature ====

=== Linux host ===

Starting from Sparky version 4.3, all iso images are signed with the GPG public key.

1. Download 'Sparky ISO Public Key':
   wget https://sparkylinux.org/files/klucz/sparkylinux-iso.gpg.key -O sparkylinux-iso.gpg.key

2. Import the downloaded key:
   gpg --keyid-format long --import sparkylinux-iso.gpg.key
   gpg: /home/pavroo/.gnupg/trustdb.gpg: trustdb created
   gpg: key C39D3F722C86EECA: public key "Paweł Pijanowski (SparkyLinux ISO images key) <pavroo@onet.eu>" imported
   gpg: Total number processed: 1
   gpg:               imported: 1  (RSA: 1) 

3. Download **sparkylinux-<version>-<arch>-<edition>.iso.sig** file from the download page.

4. Open a terminal emulator in your download directory which contains both the Sparky ISO/IMG image and the sig file, and verify the ISO/IMG (example):
   gpg --keyid-format 0xlong --verify sparkylinux-4.3-i686-minimalcli.iso.sig sparkylinux-4.3-i686-minimalcli.iso
The output should display the right key:

   gpg: Signature made Fri 04 Mar 2016 07:45:37 PM CET
   gpg:                using RSA key 1F61A0A8478AE18EA3E77CF9C39D3F722C86EECA
   gpg: Good signature from "Paweł Pijanowski (SparkyLinux ISO images key) <pavroo@onet.eu>"
   Primary key fingerprint: 1F61 A0A8 478A E18E A3E7  7CF9 C39D 3F72 2C86 EECA

or:

   gpg: Signature made Fri 04 Mar 2016 07:45:37 PM CET
   gpg:                using RSA key 1F61A0A8478AE18EA3E77CF9C39D3F722C86EECA
   gpg: Good signature from "Paweł Pijanowski (SparkyLinux ISO images key) <pavroo@onet.eu>" [unknown]
   gpg: WARNING: This key is not certified with a trusted signature!
   gpg:          There is no indication that the signature belongs to the owner.
   Primary key fingerprint: 1F61 A0A8 478A E18E A3E7  7CF9 C39D 3F72 2C86 EECA
  
Change the ISO/IMG image name to the one you have.

Everything is fine if the ISO/IMG key is the same as is in point 2 and 4:
   gpg:                using RSA key 1F61A0A8478AE18EA3E77CF9C39D3F722C86EECA

----

<WRAP center box 100%>
|[[start|<--- Wiki start page]]  |  [[start|^ Wiki Start Page ^]]  |  [[burn_iso|Burn ISO image onto CD/DVD disk --->]]|
</WRAP>