Choose style:

Author Topic: How Do I Use the GPA Tool In Order To Validate Peppermint 7 Download? [SOLVED]  (Read 2418 times)

0 Members and 1 Guest are viewing this topic.

Offline perknh

  • Trusted User
  • Hero
  • *****
  • Posts: 3849
  • Karma: 303
  • Soy un huevo, nada más.
    • View Profile
  • Peppermint version(s): Peppermint 10
Hello Peppermint Forum,

I'm trying to get back into the swing of things here after I rendered useless my Toshiba hard drive.  (I spent weeks trying to remove a password request of the drive, but my efforts did NOT pay off for me at all.)  I've recently downloaded Peppermint 7 to mrs.perknh's hard drive.  The MD5 sum is fine, but I can't seem to validate the download.  I have installed the GPA tool:  Now I like to learn how to use it.

Supposedly tomorrow, on Sunday, I will have an new PNY 240 GB SSD arriving in the mail.  If possible I'd like to get my computer up and running again, as well as upgrade mrs.perknh's computer to Peppermint 7.

How would I validate my download by GPG verification using the GPA tool.  I'm certain its an easy tool to use after one learns how to use it. (I did not get the desired results of a good signature from PCNetSpec using our GPG Verification method.  No doubt I did something wrong, but hopefully this GPA tool will help hasten this process.)

Thank you,

perknh
« Last Edit: July 16, 2016, 08:43:29 pm by perknh »
We're all Peppermint users and that's what matters  ;).  -- AndyInMokum

Offline zebedeeboss

  • Global Moderator
  • Hero
  • *****
  • Posts: 3072
  • Karma: 563
  • Life first... Peppermint a close 2nd :)
    • View Profile
  • Peppermint version(s): P10 / P9 Respin
Hi perknh

Welcome home - we missed you.

Ok excuse my dumb question but why do you need to bother.   You have downloaded the iso and MD5 is fine.  Install it already!!
I have NEVER validated a download and to my knowledge have never had a problem.  So I will watch this thread with interest to learn if validation is strictly necessary or just another layer of precaution?

Regards Zeb...
Be Kind Whenever Possible...   It is Always Possible - Dalai Lama

Linux User #565092
P10 x64 Desktop - AMD Threadripper 2950X - 64Gb RAM - NVIDIA RTX2080Ti 11Gb - 2 x 27" 4k 3840x2160 - 1 x 34" 5120x2160
P9/10 @ P9 x64 Laptop - i7-7700HQ @ 2.80GHz - 8Gb RAM - Nvidia GTX1050 4Gb - 15.6" HD 1920x1080

Offline AndyInMokum

  • Global Moderator
  • Hero
  • *****
  • Posts: 4808
  • Karma: 1013
  • "Keep on Rockin' in the Free World"
    • View Profile
  • Peppermint version(s): PM 9 & PM 8 Respin-2 (64-bit)
Who's this perknh bloke  :-\?  We're going to have to keep an eye on this one.  He sounds like he's a born troublemaker  :D.  Welcome back mate, it's good to see you  :).  It's as zeb has said.  Also, if you use a torrent to download the ISO, security is built in to the downloading method  ;).
Backup! Backup! Backup! If you're missing any of these -  you ain't Backed Up!
For my system info please L/click HERE.

Online PCNetSpec

  • Administrator
  • Hero
  • *****
  • Posts: 25931
  • Karma: 2835
  • "-rw-rw-rw-" .. The Number Of The Beast
    • View Profile
    • PCNetSpec
  • Peppermint version(s): Peppermint 10
First install gpa:
Code: [Select]
sudo apt-get install gpa
Next import my key with:
Code: [Select]
gpg --keyserver keyserver.ubuntu.com --recv-keys AECF1D2F
and you should get this returned:-
Code: [Select]
gpg: keyring `/home/mark/.gnupg/secring.gpg' created
gpg: keyring `/home/mark/.gnupg/pubring.gpg' created
gpg: requesting key AECF1D2F from hkp server keyserver.ubuntu.com
gpg: key AECF1D2F: public key "Mark Greaves (PCNetSpec) <mark@pcnetspec.co.uk>" imported
gpg: Total number processed: 1
gpg:               imported: 1  (RSA: 1)
Now check the key fingerprint:

Which should return
Code: [Select]
pub   2048R/AECF1D2F 2013-05-02
      Key fingerprint = 4A9F 9066 13AF ABED CFA3  92C2 E499 FD0B AECF 1D2F
uid                  Mark Greaves (PCNetSpec) <mark@pcnetspec.co.uk>
sub   2048R/4B06BE0D 2015-05-03
sub   2048R/3606A7AD 2015-05-03
Now start gpa, and my public key (AECF1D2F) should be listed as in this pic (if prompted to make your own key, you either can, or select "Do it later":-


Right-click on my key (highlighted in above pic) and select "Set Owner Trust"

Set the trust level to "Ultimate" .. and click "OK"

make sure both the peppermint.iso and peppermint.iso.sig files are both in the same directory somewhere such as your Desktop.

in gpa, click the little folder icon on the toolbar (Open file manager) ... in the file browser click the "Open file" icon .. and point it at the peppermint.iso.sig file


Click the Verify (Check signatures of selected file) icon on the toolbar, and you should see it start to verify


Verification should result in a green Valid signature .. and it should list both the peppermint.iso and peppermint.iso.sig files at the top




Okay now I've done that....

It really is MUCH easier to just do it from the command line as described here:
https://peppermintos.com/gpg-verification/
WARNING: You are logged into reality as 'root' .. logging in as 'insane' is the only safe option.

Team Peppermint
PCNetSpec

Offline perknh

  • Trusted User
  • Hero
  • *****
  • Posts: 3849
  • Karma: 303
  • Soy un huevo, nada más.
    • View Profile
  • Peppermint version(s): Peppermint 10
Hello zeebeedeboss, AndyInMokum, and PCNetSpec.

I didn't download the Peppermint 7 ISO. file to mrs.perknh's computer using torrent, but I remember Mint had a short spell there when its MD5 sum had been hacked.  So, yes, I am using this method as an added layer of precaution.

Thank you, PCNetSpec.  I ended up with a nice green Valid signature.  It has now been written to a flash drive and is patiently awaiting an SSD to arrive in the mail.  ;)

Thank you,

perknh

We're all Peppermint users and that's what matters  ;).  -- AndyInMokum

Online PCNetSpec

  • Administrator
  • Hero
  • *****
  • Posts: 25931
  • Karma: 2835
  • "-rw-rw-rw-" .. The Number Of The Beast
    • View Profile
    • PCNetSpec
  • Peppermint version(s): Peppermint 10
No problem perknh, good to see you back :)
WARNING: You are logged into reality as 'root' .. logging in as 'insane' is the only safe option.

Team Peppermint
PCNetSpec