Results 1 to 7 of 7

Thread: iso fails gpg checksum on dowload of Leap 42.3

  1. #1

    Default iso fails gpg checksum on dowload of Leap 42.3

    Hello we are attempting to install Leap 42.3 on a Lenovo T61 with 4gb after a failed burned attempt and wanted to verify we had the correct file before burning to dvd again

    Reading SDBownload Help

    After downloading and checking the dvd installation media file the checksum command gpg fails with the message ...

    joe@linux-pzcr:~/Downloads> sha256sum -c openSUSE-Leap-42.3-DVD-x86_64.iso.sha256
    openSUSE-Leap-42.3-DVD-x86_64.iso: OK
    sha256sum: WARNING: 14 lines are improperly formatted

    joe@linux-pzcr:~/Downloads> gpg --recv-keys 0x22C07BA534178CD02EFE22AAB88B2FD43DBDC284
    gpg: WARNING: unsafe permissions on configuration file `/home/joe/.gnupg/gpg.conf'
    gpg: WARNING: unsafe enclosing directory permissions on configuration file `/home/joe/.gnupg/gpg.conf'
    gpg: external program calls are disabled due to unsafe options file permissions
    gpg: keyserver communications error: General error
    gpg: keyserver receive failed: General error
    joe@linux-pzcr:~/Downloads>

    Is it safe to ignore the gpg or is it important to get this double check first just be certain .?

    thanks for any advice !

  2. #2

    Default Re: iso fails gpg checksum on dowload of Leap 42.3

    Fix your file permissions and try again.

  3. #3
    Join Date
    Aug 2010
    Location
    Chicago suburbs
    Posts
    15,678
    Blog Entries
    3

    Default Re: iso fails gpg checksum on dowload of Leap 42.3

    Quote Originally Posted by Brunell View Post
    joe@linux-pzcr:~/Downloads> sha256sum -c openSUSE-Leap-42.3-DVD-x86_64.iso.sha256
    openSUSE-Leap-42.3-DVD-x86_64.iso: OK
    sha256sum: WARNING: 14 lines are improperly formatted
    This part is fine. The WARNING can be ignored. The iso file checked as OK.
    joe@linux-pzcr:~/Downloads> gpg --recv-keys 0x22C07BA534178CD02EFE22AAB88B2FD43DBDC284
    gpg: WARNING: unsafe permissions on configuration file `/home/joe/.gnupg/gpg.conf'
    gpg: WARNING: unsafe enclosing directory permissions on configuration file `/home/joe/.gnupg/gpg.conf'
    You need to fix those permissions.

    The chances are that your download is fine. So you could ignore the "gpg" check. But you will run into those problems again with other uses of "gpg".

    Things to check:

    The directory ".gnupg" should be writable only by you. It should not be group writable or other writable. It is best that it also be readable only by you. Typical permissions should be drwx------ with you as the owner.
    Your home directory should not be group writable or other-writable, though it is okay for it to be readable by others. Typical permissions are drwxr-xr-x. The same applies to the "/home" directory and to the "/" directory.
    openSUSE Leap 15.3; KDE Plasma 5.18.6;

  4. #4

    Default Re: iso fails gpg checksum on dowload of Leap 42.3

    First thank you for all the very useful replies .....

    I have changed the permissions on the /home/joe/.gnupg folder and now get this output from gpg command

    joe@linux-pzcr:~> gpg --recv-keys 0x22C07BA534178CD02EFE22AAB88B2FD43DBDC284
    gpg: requesting key 3DBDC284 from hkp server keys.gnupg.net
    gpg: key 3DBDC284: public key "openSUSE Project Signing Key <opensuse@opensuse.org>" imported
    gpg: no ultimately trusted keys found
    gpg: Total number processed: 1
    gpg: imported: 1 (RSA: 1)
    joe@linux-pzcr:~>

    The key has imported but It is not conclusive ..i will do more research and go from there ..we have not used gpg on past releases as everything installed fine.

    thanks again !

  5. #5

    Default Re: iso fails gpg checksum on dowload of Leap 42.3

    Further to my last post i have now verified that the downloaded file is correct ...

    joe@linux-pzcr:~/Downloads> gpg --verify openSUSE-Leap-42.3-DVD-x86_64.iso.sha256
    gpg: Signature made Fri 21 Jul 2017 11:10:34 BST using RSA key ID 3DBDC284
    gpg: Good signature from "openSUSE Project Signing Key <opensuse@opensuse.org>" [unknown]
    gpg: WARNING: This key is not certified with a trusted signature!
    gpg: There is no indication that the signature belongs to the owner.
    Primary key fingerprint: 22C0 7BA5 3417 8CD0 2EFE 22AA B88B 2FD4 3DBD C284
    joe@linux-pzcr:~/Downloads>

    Please mark this thread as [SOLVED]

    thanks

  6. #6
    Join Date
    Sep 2012
    Posts
    7,105

    Default Re: iso fails gpg checksum on dowload of Leap 42.3

    Quote Originally Posted by Brunell View Post
    Further to my last post i have now verified that the downloaded file is correct ...
    Code:
    joe@linux-pzcr:~/Downloads>  gpg --verify openSUSE-Leap-42.3-DVD-x86_64.iso.sha256
    You verified that file with sha256 sum is correct. Is it what you tried to do? I suspect, not ...

  7. #7
    Join Date
    Aug 2010
    Location
    Chicago suburbs
    Posts
    15,678
    Blog Entries
    3

    Default Re: iso fails gpg checksum on dowload of Leap 42.3

    Quote Originally Posted by arvidjaar View Post
    You verified that file with sha256 sum is correct. Is it what you tried to do? I suspect, not ...
    He did previously check the downloaded iso -- see the opening post of the thread. Verifying the .sha256 file was where he ran into problems.
    openSUSE Leap 15.3; KDE Plasma 5.18.6;

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •