On Sun, Jun 09, 2024 at 06:58:21AM +0200, to...@tuxteam.de wrote: > On Sun, Jun 09, 2024 at 07:41:58AM +0800, Jeff Peng wrote: > > Hello > > > > I am using the VMs from big providers such as AWS and Azure. > > I'd ask AWS/Azure support for that.
Yes, talking _with_ your vendor is the way to go. > They do known their infrastructure best, we hope, and, after all, > they are taking money for their service. Text from https://cloud.debian.org/images/cloud/ Debian Official Cloud Images In this page you can find the Debian cloud images provided by the Debian Cloud Team for some cloud providers. End users do not need to download these images, as they are usually provided by their cloud providers. How can I verify my download is correct and exactly what has been created by Debian? For the current official images (in the per-distribution directories), the safest method is to download the image and checksum files over TLS from cloud.debian.org or cdimage.debian.org. These names support DNSSEC, so a validating resolver can ensure that a client is connected to a Debian host. And TLS ensures that the data is not manipulated in flight. The legacy OpenStack images (in the OpenStack/ directory) provide checksums and signatures. See SHA512SUMS.sign, etc. For more information about the verification steps, read the verification guide If you're interested in contributing checksum signatures for the current images, please reach us on the list: debian-cloud at lists.debian.org. Other questions? Questions can be forwarded to the Debian Cloud Team: debian-cloud at lists.debian.org. Text from me Invest in win-win-situations Groeten Geert Stappers -- Silence is hard to parse