WelcomeUser Guide
ToSPrivacyCanary
DonateBugsLicense

©2024 Poal.co

866

I've been trying to download 21.2 cinnamon 64-bit ISO or excuse me I mean verify the ISO. So I have the sha-sum that I can verify with the ISO but then when it comes to importing the Linux mint signing key, it doesn't jive up. It only gives me the last maybe 10 numbers of the key. And then when I go to verify the authenticity it says that I have a bad signature. I've tried like six of these stupid iso from the US. Should I just go to a different country and try my luck there? It doesn't help that I have no idea really what I'm doing other than I'm following really horrible instructions off of the Mint website. They must be written by the guy who writes instructions for Ikea.

I've been trying to download 21.2 cinnamon 64-bit ISO or excuse me I mean verify the ISO. So I have the sha-sum that I can verify with the ISO but then when it comes to importing the Linux mint signing key, it doesn't jive up. It only gives me the last maybe 10 numbers of the key. And then when I go to verify the authenticity it says that I have a bad signature. I've tried like six of these stupid iso from the US. Should I just go to a different country and try my luck there? It doesn't help that I have no idea really what I'm doing other than I'm following really horrible instructions off of the Mint website. They must be written by the guy who writes instructions for Ikea.

(post is archived)

You are currently inside a comment thread.
Click here to see all the comments (18).
[–] 1 pt (edited )

Steps to consider when asking for assistance. -- not trying to troll you, trying to make your, and far more importantly, everyone else's life easier.

  1. When discussing a download, link it... If you cant like it exactly. Chop the link up to make it text and post it. We need to see what you are downloading.
  2. When discussing an additional point, say a SHA key, link to the key you are using.
  3. Provide some screenshots of what exactly is happening for you when you encounter an error. If you cant screenshot it. You have some soft of camera...

These 3 things make help far more efficient than just saying shit doesn't work, with a half ass explanation.

With those 3, I could have grabbed the download, and ran the validation, pointed you at a better download, or pointed out a misused key, I could have read the exact error message, and advanced the process far more than sort of and likes...

Not trying to knock you. Yes Linux is very much an RTFM OS, but we may just help. Not to mention the quality of help you would get other places with this same advice.

[–] 1 pt

You're right. I haven't had really any super major troubleshooting issues in forever so I don't really know how to ask what I need correctly. I'm not up on new tech at all so I'm unbelievably rusty on how to figure even light troubleshooting out. I have a buddy who has the same computer and he even said dude just use windows. The latest version of windows is like watching TV. I'm frankly not that interested in all of its annoyances.

[–] 0 pt

Now. I went here... https://linuxmint.com/edition.php?id=305 downloaded the ISO from advancedhosters.com (first US link) Grabbed the sha key and its gpg counterpart on the exact same page, just above the download link i used.

then I followed the instructions written at https://linuxmint-installation-guide.readthedocs.io/en/latest/verify.html

That got me this... ____________________________________________________________________________ ╚═══===═══[~]>> gpg --verify /home/beau/Downloads/sha256sum.txt.gpg /home/beau/Downloads/sha256sum.txt gpg: Signature made Fri Sep 29 03:41:09 2023 MST gpg: using RSA key 27DEB15644C6B3CF3BD7D291300F846BA25BAE09 gpg: Good signature from "Linux Mint ISO Signing Key <root@linuxmint.com>" [unknown] gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: 27DE B156 44C6 B3CF 3BD7 D291 300F 846B A25B AE09

╚═══===═══[~]>> sha256sum -b /home/beau/Downloads/linuxmint-21.2-cinnamon-64bit.iso 116578dda0e03f1421c214acdd66043b586e7afc7474e0796c150ac164a90a2a */home/beau/Downloads/linuxmint-21.2-cinnamon-64bit.iso ______________________________________________________________________________________

Which oddly enough matches the SHA key and GPG verification, given right there on the site, for it...

Instructions looked like plain english to me. maybe you went elsewhere and grabbed something else, then followed another site to do this?

Unsure how your experience could differ. but you didnt really give us any info.

[–] 1 pt

The only issue here is you haven't trusted the Mint key. (You said the hash matches so you're ok)

i.e. The signature is valid but you would need to configure your gpg trust rules to address the second warning. Checkout the gpg handbook for more info.

https://www.gnupg.org/gph/en/manual/x334.html

[–] 0 pt (edited )

I just didnt add it to the message

╚═══===═══[~]>> gpg --keyserver hkp://keyserver.ubuntu.com:80 --recv-key "27DE B156 44C6 B3CF 3BD7 D291 300F 846B A25B AE09" gpg: key 300F846BA25BAE09: public key "Linux Mint ISO Signing Key <root@linuxmint.com>" importedD7 D291 300F 846B A25B gpg: Total number processed: 1 gpg: imported: 1

Which still left the error.

[–] 0 pt

I got that too but it said that it didn't trust the signature. So that to me says that that's not a trusted ISO. Am I incorrect in thinking that?