mirror of
https://github.com/rocky-linux/checksums.git
synced 2024-11-22 05:41:22 +00:00
update readme for clarity
This commit is contained in:
parent
c7c2ff18f3
commit
a8af3b3a9b
32
README.md
32
README.md
@ -1,5 +1,4 @@
|
|||||||
checksums
|
# checksums
|
||||||
---------
|
|
||||||
|
|
||||||
This repository contains checksums for images, ISO's, and so on for Rocky Linux.
|
This repository contains checksums for images, ISO's, and so on for Rocky Linux.
|
||||||
They are sorted by version into various directories.
|
They are sorted by version into various directories.
|
||||||
@ -10,3 +9,32 @@ They are sorted by version into various directories.
|
|||||||
| rocky-linux-9 | Rocky Linux 9 |
|
| rocky-linux-9 | Rocky Linux 9 |
|
||||||
| rocky-linux-rc | Rocky Linux Release Candidates |
|
| rocky-linux-rc | Rocky Linux Release Candidates |
|
||||||
| images | Rocky Linux Images per release |
|
| images | Rocky Linux Images per release |
|
||||||
|
|
||||||
|
This repository is mirrored here: https://git.resf.org/rocky-linux/checksums
|
||||||
|
|
||||||
|
# Why this repository?
|
||||||
|
|
||||||
|
One of the goals of this repository is to be a main point of reference for all
|
||||||
|
checksums for our images, regardless of release. It can also be a historical
|
||||||
|
reference as well because all versions will be available.
|
||||||
|
|
||||||
|
This repository is also a result of the following things:
|
||||||
|
|
||||||
|
* Keykeeper (part of the peridot build system) does not sign arbitrary files
|
||||||
|
or artifacts outside of the build system
|
||||||
|
|
||||||
|
* We are planning to move Rocky Linux 8 into the new build system, and along
|
||||||
|
with it, the keys that sign the packages and repository metadata
|
||||||
|
|
||||||
|
* Some users would rather have a place they can go to that is outside of the
|
||||||
|
mirror(s) to verify the signatures are valid and the checksums actually match
|
||||||
|
what they claim.
|
||||||
|
|
||||||
|
# So the commits are signed, how do I verify?
|
||||||
|
|
||||||
|
To verify our signature, click on "commits", click on the green "Verified"
|
||||||
|
button where you will see a GPG key ID. You can then search for this ID at
|
||||||
|
any of the following:
|
||||||
|
|
||||||
|
https://keys.openpgp.org
|
||||||
|
https://keyserver.ubuntu.com
|
||||||
|
Loading…
Reference in New Issue
Block a user