Checking checksums to verify integrity of OMLx .iso files (ROME, Rock, or Cooker)

Hello,

  • OpenMandriva Lx version:

ALL

  • Desktop environment (KDE, LXQT…):

ALL

  • Description of the issue (screenshots if relevant):

Users should always, always. always, check the integrity of .iso files you download and use to install any OMLx operating system. One should always check the checksums for an .iso. However while the fact that the checksums match does not guarantee that there will be no problem, it does make it much less likely.

  • Relevant informations (hardware involved, software version, logs or output…):

If user is using an .iso downloaded at SourcForge you can find the checksums next to the .iso you wish to install by clicking on the circle with the i in it:

Next open Dolphin and navigate to the folder where you downloaded the .iso file. Right click on the .iso file and select “Properties” and a window pops up, go to the “Checksums” tab:

In the window where is says “Expected Checksum” copy and paste the checksum you want to check from the SourceForge page. In this example we used the SHA1 sum from SourceForge:

You can see that the SHA1 sum of the .iso file was automatically calculated. So compare the checksum in the “Paste” box to the checksum beside where is says “SHA1:”. the two checksums or numbers should match exactly. That’s all folks.

What you just did: You copied and pasted a checksum from the SourceForge website, then Dolphin software automatically checked the checksum of the .iso file you selected. You then compared the two checksums to verify the integrity of the .iso file.

Try this, it is way easier and faster to do than it was for you to read this.

The value of checksums increases thus:

  1. md5sum — Simplest but less valuable of a check, you can see the checksum has fewer characters from a more simple math calculation.
  2. sha1sum — More complicated calculation, you can see the checksum has more characters.
  3. sha256sum — Even more complicated calculation. For OMLx .iso files this one is the best check. We introduced sha256sum with OMLx ROME and Rock/5.0.

Suppose you download an .iso file from ABF instead of SourceForge, something OM testers do all the time. You can see that the checksums are in separate files:

Download the checksum files to the same folder where you download the .iso file. Then you can open them and do the same thing in Dolphin we did above.

Alternative method for .isos from ABF:

Create a folder for the .iso you wish to download and install, download the .iso and the .md5sum and .sha256 sum files to that folder. Open Konsole and cd to that folder:

You can see what is in the folder with ls or ls -lh command:

Now you can check each checksum for that .iso with the following commands:

$ md5sum -c OpenMandrivaLx.5.0-final-plasma.x86_64.iso.md5sum

$ sha256sum -c OpenMandrivaLx.5.0-final-plasma.x86_64.iso.sha256sum

You will notice it takes a few seconds for the command to complete it’s task. That is because the -c or --check is doing a mathematical calculation.

Note: One may shorten the above checksum check command using the wildcard * like this:

$ md5sum -c *md5sum

$ sha256sum -c *sha256sum

If one has any problems with these methods or questions please open a new forum post in English/Support forum with a descriptive title and enough information for someone to understand your question or issue.

1 Like