Hi, Juan Manuel wrote: > I have downloaded the latest version of debian12. I > have the GNU4win program with kleopatra but I don't know how to check the > digital signature.
Do i get it right that you have an MS-Windows system ? (And that by "GNU4win" you mean "GPG4win" ?) If so, you need a program to compute a SHA256 or SHA512 checksum from the downloaded .iso file and a program to verify the corresponding SHA*SUMS file by its SHA*SUMS.sign file. I'm not a user of MS-Windows, so i cannot recommend any software for those tasks. If no other way would be to see, i'd consider to install WSL and to do the verification by its help. https://wiki.debian.org/InstallingDebianOn/Microsoft/Windows/SubsystemForLinux In a Debian provided shell i would then do: gpg --verify SHA256SUMS.sign SHA256SUMS which should yield one of the key fingerprints as listed on https://www.debian.org/CD/verify Important will be these result statements: "Good signature from" ... "Debian" ... "Primary key fingerprint:" ... one of the listed fingerprints ... Then i'd compute the SHA256 of the .iso file sha256sum debian-12.5.0-amd64-netinst.iso and compare it with the checksum string which is listed for the .iso file in SHA256SUMS. -------------------------------------------------------------------- Alternative ideas: Maybe you can perform the .sign check similar to what https://docs.oracle.com/cd/E17952_01/mysql-5.7-en/checking-gpg-signature-windows.html proposes for "mysql-installer-community-5.7.44.msi" as payload file (yours would be SHA256SUMS) and "mysql-installer-community-5.7.44.msi.asc" as detached signature file (yours: SHA256SUMS.sign). This page https://3d-imaging.co.uk/blog/verifying-sig-files-with-gpgp4win/ states that GPG4win would offer the command line tool to run gpg --verify gpg4win*.exe.sig gpg4win*.exe (You'd just use file names SHA256SUMS.sign SHA256SUMS instead.) As for computing the SHA256 sum of the .iso, i find on https://www.pctipp.ch/praxis/windows-10/windows-10-sha256-hash-bordmitteln-pruefen-2507915.html a proposal for PowerShell, which in your case would look like: Get-Filehash debian-12.5.0-amd64-netinst.iso -Algorithm SHA256 Have a nice day :) Thomas
