Sha256sum for 15.5 download x86-64 iso NO match

Bill_L · October 31, 2023, 1:24am

Verify Your Download Before Use
Many applications can verify the checksum of a download. To verify your download can be important as it verifies you really have got the ISO file you wanted to download and not some broken version.

For each ISO, we offer a checksum file with the corresponding SHA256 sum.

For extra security, you can use sha256sum to verify who signed those .sha256 files.

It should be AD48 5664 E901 B867 051A B15F 35A2 F86E 29B7 00A4

I think I did ths right, hopefully

sha256sum ~/Downloads/openSUSE-Leap-15.5-DVD-x86_64-Build491.1-Media.iso
53bcbcb82361c5261c9d0994ab0f94101bf28e61c06fe12d320984601be35a8f /home/bill/Downloads/openSUSE-Leap-15.5-DVD-x86_64

This number does not matrch what is on the get.opensuse.org web site

nrickert · October 31, 2023, 1:38am

Your download is fine. The sha256sum file for the download gives the same value.

The web page is poorly worded. It is trying (but failing) to say that there is a gpg signature available for the checksum file. And the value that you see there (“AD48 5664 E901 B867 051A B15F 35A2 F86E 29B7 00A4”) is the fingerprint of the gpg public key used to check the signature.

Bill_L · October 31, 2023, 2:37am

Thanks,
I guess I will have to dig into that sha256 & gpg stuff all over again.

nrickert · October 31, 2023, 2:53am

For completeness, here’s the “sha256” file that I downloaded:

% cat openSUSE-Leap-15.5-DVD-x86_64-Build491.1-Media.iso.sha256
53bcbcb82361c5261c9d0994ab0f94101bf28e61c06fe12d320984601be35a8f  openSUSE-Leap-15.5-DVD-x86_64-Build491.1-Media.iso

Bill_L · October 31, 2023, 3:53am

OK, So I got the correct output sha256 string, just went about it the long way
Thanks again