Topic: Check Digital Signatures on Linux/Ubuntu (Read 3785 times)
Thanks, Mike. I looked that up. You're right. Still can't get through the rest of it, though.
sha1sum is a part of coreutils, you shouldn't be able to avoid having it.
Here's starting a new thread for this -- from another thread I inadvertently 'high-jacked' with a comment.
garyrowe wrote on 12/31/13
Quote
Maybe we'll soon see a better one on *How to Check Digital Signatures*? I couldn't follow/use what you have for Linux at all! It made me really uncomfortable to download and install MultiBit without that. That on top of not having a PPA to use for installation and updates in the first place.
So you don't have sha1sum installed and couldn't get openssl or gpg installed either? If you could expand on where it all started to fall apart for you then I'll be able to update the installation and verification guides accordingly. There is a "website issues" link for these kind of problems and I'd really like to ensure that the site delivers a secure and simple download experience.
Regarding the PPA, we'll look into that as an option for MultiBit HD (coming out as beta in Jan/Feb).
Thanks so much, Gary. I'm using Ubuntu 12.04 LTS -- probably the most widely used Linux version out there right now. sha1sum is not installed natively nor available in the standard repositories. "jacksum" is available, and it may be close enough to work right; but I didn't know, and was reluctant to download and try it. gpg is not installed either, and is not in the repositories as such. openssl is installed, but without the other commands to work with, I couldn't figure out how to use it for good. Sorry I'm not more schooled in these things. But I'm always fearful of breaking something if I mess around doing things I'm not sure about, especially from the command line.
The PPA solution would be GREAT! It's super secure, and easy for everyone to use. It would make Multibit download and installation a snap. And updates would get pushed automatically to all users within 24 hours of publishing.
garyrowe wrote on 12/31/13
Quote
Maybe we'll soon see a better one on *How to Check Digital Signatures*? I couldn't follow/use what you have for Linux at all! It made me really uncomfortable to download and install MultiBit without that. That on top of not having a PPA to use for installation and updates in the first place.
So you don't have sha1sum installed and couldn't get openssl or gpg installed either? If you could expand on where it all started to fall apart for you then I'll be able to update the installation and verification guides accordingly. There is a "website issues" link for these kind of problems and I'd really like to ensure that the site delivers a secure and simple download experience.
Regarding the PPA, we'll look into that as an option for MultiBit HD (coming out as beta in Jan/Feb).
Thanks so much, Gary. I'm using Ubuntu 12.04 LTS -- probably the most widely used Linux version out there right now. sha1sum is not installed natively nor available in the standard repositories. "jacksum" is available, and it may be close enough to work right; but I didn't know, and was reluctant to download and try it. gpg is not installed either, and is not in the repositories as such. openssl is installed, but without the other commands to work with, I couldn't figure out how to use it for good. Sorry I'm not more schooled in these things. But I'm always fearful of breaking something if I mess around doing things I'm not sure about, especially from the command line.
The PPA solution would be GREAT! It's super secure, and easy for everyone to use. It would make Multibit download and installation a snap. And updates would get pushed automatically to all users within 24 hours of publishing.
Jump to: