Hi, Doug wrote:
> If the md5 sum doesn't agree with what's posted, it most likely means a > glitch in the data transmission. Download it again. Good advise. One has to be aware that MD5 is not considered to be safe against malicious manipulations but only for transport safety. If one has to fear attacks, then file SHA512SUMS.sign and program gpg --verify should be used to verify file SHA512SUMS. Program sha512sum should then be used to obtain the SHA512 of the ISO which hopefully matches the one that is listed in SHA512SUMS. > You can only check the md5 sum on the download. Once you > burn it to a CD or DVD, there's no telling what the md5 sum will be. There is one shown in https://www.debian.org/CD/faq/#verify The "isosize" program can be used to find out the appropriate amount of bytes to be read from the optical media. It shows the "sector count" and the "sector size" from the optical media, where "<device>" is the device file of the loaded optical media. $ /sbin/isosize -x <device> sector count: 25600, sector size: 2048 Then "sector count" and "sector size" are passed to "dd" to read the appropriate amount of bytes from the optical media and the byte stream is then piped to the appropriate checksum tool (md5sum, sha1sum, etc). $ dd if=<device> count=<sector count> bs=<sector size> | sha1sum The computed checksum is to be compared against the corresponding checksum found in the appropriate checksum file (MD5SUMS, SHA1SUMS, etc). Alternatively, there is a useful helper script called check_debian_iso https://people.debian.org/~danchev/debian-iso/check_debian_iso which can verify ISO image files and optical media, reading the appropriate amount of bytes from media then computing the checksum and comparing it against the checksum file. ISO image file verification. This will compare the checksum of the debian-6.0.3-amd64-netinst.iso image file against the corresponding checksum found in the MD5SUMS checksum file. $ ./check_debian_iso MD5SUMS debian-6.0.3-amd64-netinst.iso Optical media verification. This will compare the checksum of the media accessible as /dev/dvd against the checksum of debian-6.0.3-amd64-DVD-1.iso as found in the MD5SUMS checksum file. Note that the ISO image file itself is not needed, its name is merely used to locate the corresponding checksum in the checksum file. $ ./check_debian_iso MD5SUMS debian-6.0.3-amd64-DVD-1.iso /dev/dvd The proposals work for USB stick /dev/sdb too. (It is about time this all gets updated to advise the use of SHA512.) Have a nice day :) Thomas