I use linux 64 bit cli only.
Going through the ridiculously complicated verification procedure now.
Just finished section 3.2 of these instructions:
https://src.getmonero.org/resources/user-guides/verification-allos-advanced.htmlSection 4, download and verify binary, directs you to get the file via command line
wget -O monero-linux-x64-v0.12.0.0.tar.bz2 https://downloads.getmonero.org/cli/linux64
But after executing the command, I notice it's version 12.0.0. So is the correct command actually
wget -O monero-linux-x64-v0.15.0.1.tar.bz2 https://downloads.getmonero.org/cli/linux64
?
And where did the file go, if it's not in the downloads folder?
I just did the point-and-click download of the cli file from the getmonero.org website
and monero-linux-x64-v0.15.0.1.tar.bz2 appears in the downloads folder.
So I am going to go back and do the command
wget -O monero-linux-x64-v0.15.0.1.tar.bz2 https://downloads.getmonero.org/cli/linux64
continue following the instructions, and hope for the best I suppose.
a@galliumos:~$ shasum -a 256 monero-linux-x64-v0.15.0.1.tar.bz2
8d61f992a7e2dbc3d753470b4928b5bb9134ea14cf6f2973ba11d1600c0ce9ad monero-linux-x64-v0.15.0.1.tar.bz2
a@galliumos:~$
And now the instructions say
Your SHA256 hash should match the one listed in the hashes.txt file for your binary file.
Where is this file? Yeah, I'm going to look for it, but I shouldn't have to.
Ok, scrolling back, I see that in step 3.1 I downloaded hashest.txt
It's not in downloads. Where is it, or is somebody going to imply that I'm simply stupid for not having the answer?
I'm starting to get annoyed, and I've been involved with this coin since the very beginning, spring 2014.
Somebody needs to make monero usable or nobody's ever going to adopt this coin except total freaking nerdheads who live in bubbles.
Okay, since I don't know where my hashes.txt file is, I go to getmonero.org to see the hash for 15.0.1 linux cli only. It matches the result of the shasum command, so I guess it's safe to continue.
Just one little problem. The zip in downloads is the one I downloaded from getmonero.org through the browser. Where is the binary that I downloaded through the cli?
Ah, I see it's in the home directory (along with 12.0.0 that I downloaded as a result of naively copy-pasting the command in the instructions, and which a less alert person might have installed unthinkingly LOL).
And of course another stupid mistake I could make would be to use the zip which is in the downloads folder, and isn't actually verified.
So there you have a narrative of what happens when a normal human being attempts to RTFM and use monero properly. It's not a pretty picture.
You don't necessarily have to use wget to download the binaries. Put differently, you can simply download the file (.tar.bz2 for Linux 64-bit in your case) from the website.
The hashes.txt file is present on the downloads page. You need to save the content to a text file on your local system.
You should check the hashes.txt file against Fluffypony's GPG key. Merely checking the SHA256 hash is not sufficient, as an adversary could replace that.
Admittedly, the guide could use an update. That being said, there is a limit to how easy verifying the GPG signed hashes can be made. However, moneromooo is working on a secure updater/installer for Monero, see:
lol 
LEL REEEEEE