Linux

52997 readers

767 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.
No misinformation
No NSFW content
No hate speech, bigotry, etc

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago

MODERATORS

nooter692@lemmy.ml

MarcellusDrum@lemmy.ml

cypherpunks@lemmy.ml

cyclohexane@lemmy.ml

Krita is so KOOL, but how do i Verify the current AppImage? (lemmy.sdf.org)

submitted 3 weeks ago* (last edited 3 weeks ago) by nonanomalus@lemmy.sdf.org to c/linux@lemmy.ml

11 comments fedilink hide all child comments

don't know if this is of any help to anyone except maybe past me, but i had a hard time finding the correct Public Key to verify the current Krita AppImage: So what finally worked was gpg --import this Public Key here https://files.kde.org/krita/dmitry_kazakov.gpg and gpg --verify krita-5.2.9-x86_64.AppImage.sig then gpg says Good signature (fingerprint: E9FB 29E7 4ADE ACC5 E303 5B8A B69E B4CF 7468 332F). Anyway (>' v ')> here is a drawing i made using my laptops wonky touchpad.

KOOL

all 12 comments

sorted by: hot top controversial new old

[–] gnuplusmatt@reddthat.com 4 points 3 weeks ago

if you're worried about the integrity of the sources you're installing from why are you using app images? Use a repo, or flathub

[–] BlindFrog@lemmy.world 1 points 3 weeks ago

Where did you download krita from?

[–] mactan@lemmy.ml 1 points 3 weeks ago

compile it yourself I guess

[–] doomsdayrs@lemmy.ml 1 points 3 weeks ago (1 children)

Why would you sign it?

[–] nonanomalus@lemmy.sdf.org 0 points 3 weeks ago (1 children)

Ah i meant i downloaded the signature from download.kde.org/stable/krita/5.2.9/, just wanted to make sure that the Krita AppImage i had was legitimate

[–] AnUnusualRelic@lemmy.world 1 points 3 weeks ago* (last edited 2 weeks ago)

Look at the properties of the file in dolphin. It will show you various file ~~signatures~~ checksums.

[–] merthyr1831@lemmy.ml 0 points 3 weeks ago (1 children)

Do they not provide an md5sum? I've never seen anyone check an app's integrity issuing public keys

[–] nonanomalus@lemmy.sdf.org 0 points 3 weeks ago (1 children)

i couldn't find the md5sum s for the current version, i saw they do provide some for older versions https://download.kde.org/Attic/krita/5.2.0/, but they do have GPG Signatures .sig files at https://download.kde.org/stable/krita/5.2.9/ for the current version

[–] Luck@lemmy.one 2 points 3 weeks ago (1 children)

It's under details.

[–] nonanomalus@lemmy.sdf.org 1 points 3 weeks ago

Awesome thanks, your right, can't believe i missed that, i guess details do matter

[–] SatyrSack@feddit.org 0 points 3 weeks ago (1 children)

*KOOL