checking downloads

This works for me:

sha256sum -c trisquel_11.0.1_amd64.iso.sha256

Without the "-c" option you are in fact computing the sha256 hash of the sha256 file itself.

with KDE it worked

gfp@Tuxedo ~/Downloads/Trisquel$ sha256sum -c triskel_11.0.1_amd64.iso.sha256
triskel_11.0.1_amd64.iso: OK

Gottfried

thanks

The trisquel_11.0.1_amd64.iso.sha256 file should only have one line.

You probably added the other two lines to compare visually, which would explain the two errors you got.

I am not sure what you mean.

I tried again but got the same result.

See https://trisquel.info/en/wiki/download-trisquel

thanks Magic Banana,

I imported the keys:

gfp@Tuxedo ~/Downloads/Trisquel$ gpg --keyserver keyserver.ubuntu.com --recv-keys D24DDAC9226D5BA5E9F3BED3F5DAAAF74AD4C938
gpg: key F5DAAAF74AD4C938: public key "Trisquel GNU/Linux Archive Automatic Signing Key (11/aramo) <name at domain>" imported
gpg: Total number processed: 1
gpg: imported: 1

gfp@Tuxedo ~/Downloads/Trisquel$ gpg --verify trisquel_11.0.1_amd64.iso.asc
gpg: assuming signed data in 'trisquel_11.0.1_amd64.iso'
gpg: Signature made Fri May 31 04:41:15 2024 CEST
gpg: using RSA key D24DDAC9226D5BA5E9F3BED3F5DAAAF74AD4C938
gpg: Good signature from "Trisquel GNU/Linux Archive Automatic Signing Key (11/aramo) <name at domain>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: D24D DAC9 226D 5BA5 E9F3 BED3 F5DA AAF7 4AD4 C938

This seems ok,

it is interesting
I downloaded the same file with an other server
but got the same wrong result.

Then I downloaded the sha256sum file again and now everything is fine.

gfp@Tuxedo ~/Downloads$ sha256sum -c trisquel_11.0.1_amd64.iso.sha256
trisquel_11.0.1_amd64.iso: OK

This means that downloading the sha256sum file caused the problem.

thanks to all

Gottfried