
Testing
Signify
It is impossible to sign images (.ova / libvirt.tar.xz) directly with signify. You can only verify the .sha512sums hash sum file using signify-openbsd and then verify the image against the SHA-512 sum.
1. Download the signify key and save it as derivative.pub.
VirtualBox:
KVM:
2. Install signify-openbsd.
Install package(s) signify-openbsd following these instructions:
1 Platform specific notice.
- Kicksecure: No special notice.
- Kicksecure-Qubes: In Template.
2 Update the package lists and upgrade the system.
3 Install the signify-openbsd package(s).
Using the apt command line --no-install-recommends option is in most cases optional.
4 Platform specific notice.
- Kicksecure: No special notice.
- Kicksecure-Qubes: Shut down Template and restart App Qubes based on it as per Qubes Template Modification.
5 Done.
The procedure of installing package(s) signify-openbsd is complete.
3. Download the .sha512sums and .sha512sums.sig files.
4. Verify the .sha512sums file with signify-openbsd.
If the file is correct, it will output:
Signature Verified
If the file is not correct, it will output an error.
5. Compare the hash of the image file with the hash in the .sha512sums file.
If the file is correct, it will output:
If you are using signify for software signature verification, please consider making a report in the signify-openbsd forum thread. This will help developers decide whether to continue supporting this method or deprecate it.
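Steps 4 and 5 combined into one fail-closed check, as an added example that is not the Kicksecure project's own commands. The function name verify_image, the SIGNIFY override variable and the file names in the usage comment are assumptions, and the .sha512sums file is assumed to be in GNU sha512sum format.

```shell
#!/bin/sh
# Added example, not the project's own commands.
# Assumption: the .sha512sums file uses GNU sha512sum format,
# "<hex digest>  <file name>", with file names that contain no spaces.
SIGNIFY="${SIGNIFY:-signify-openbsd}"   # hypothetical override hook

# verify_image PUBKEY SUMS SIG IMAGE
# Returns 0 only if SIG is a valid signify signature over SUMS and IMAGE
# hashes to the digest that the verified SUMS file lists for it.
verify_image() {
    pubkey=$1 sums=$2 sig=$3 image=$4

    # Step 4: nothing in SUMS is trusted until its signature verifies.
    if ! "$SIGNIFY" -V -p "$pubkey" -m "$sums" -x "$sig"; then
        echo "FAIL: signature on $sums did not verify" >&2
        return 1
    fi

    # Step 5: look up the digest listed for this exact file name.
    name=$(basename -- "$image")
    expected=$(awk -v n="$name" '{ f = $2; sub(/^\*/, "", f)
        if (f == n) print tolower($1) }' "$sums")
    if [ -z "$expected" ]; then
        echo "FAIL: $name is not listed in $sums" >&2
        return 1
    fi

    # Hash the image locally and compare. A duplicate entry makes $expected
    # multi-line, so it cannot match and the check fails closed.
    actual=$(sha512sum -- "$image" | awk '{ print $1 }')
    if [ "$expected" != "$actual" ]; then
        echo "FAIL: SHA-512 mismatch for $name" >&2
        return 1
    fi
    echo "OK: $name matches the signed hash list"
}

# Usage (placeholder file names):
# verify_image derivative.pub IMAGE.sha512sums IMAGE.sha512sums.sig IMAGE.ova
```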
Table: Kicksecure VirtualBox Files
{