How to verify the ISO image on Windows

Write tutorials for Linux Mint here
More tutorials on https://github.com/orgs/linuxmint/discu ... /tutorials and (archive) on https://community.linuxmint.com/tutorial
Forum rules
Don't add support questions to tutorials; start your own topic in the appropriate sub-forum instead. Before you post read forum rules
jean_marie

Re: How to verify the ISO image on Windows

Post by jean_marie »

Hi, I'm hoping to install Mint xfce, but am stuck verifying. My skills in this are zilch.

Before downloading the ISO again, I want to know if sha256sum must end in .txt? When I right click and Save As, it never saves it with the .txt extension. Under Type, it does say that it is a text document.

The second file saves correctly as sha256sum.txt.gpg

Thanks.
User avatar
JoeFootball
Level 13
Level 13
Posts: 4674
Joined: Tue Nov 24, 2009 1:52 pm
Location: /home/usa/mn/minneapolis/joe

Re: How to verify the ISO image on Windows

Post by JoeFootball »

jean_marie wrote: I want to know if sha256sum must end in .txt? When I right click and Save As, it never saves it with the .txt extension. Under Type, it does say that it is a text document.
Presuming that you're using Windows, do you have a setting active like "Hide extensions for known file types" (or something like that) in your file manager?
jean_marie

Re: How to verify the ISO image on Windows

Post by jean_marie »

That was it. Thank you! Also checked was 'Hide hidden files and folders'. I changed that, just in case.
jean_marie

Re: How to verify the ISO image on Windows

Post by jean_marie »

Integrity worked, but I'm not sure about Authenticating. It said the signature was good, but below that text it said WARNING: this key is not certified with a trusted signature!...

Nevermind, I just read this:

You can ignore the warning that comes after that, it is expected and perfectly normal.

Thank you:)
Chuck1991

Re: How to verify the ISO image on Windows

Post by Chuck1991 »

I downloaded linuxmint-20.1-mate-64bit.iso from the University of Oklahoma mirror site, along with sha256sum.txt and sha256sum.txt.gpg. Using the instructions at the beginning of this thread to verify the ISO on Windows, the verify failed. So I deleted the 3 downloads and grabbed them again from the Harvard School of Engineering mirror site. The verify failed again.

In both tries, the sha256sum.txt files say the number should come back as 43c704c9a216b802f7483d34e158de8ea505bfd29f48623b771853e3e6764a43.
And in both tries, the result returned was also identical: 12ccfa2494acf761b2f5a3379ed770495d97051c3944571d5ad5e7c50d11c975.

What's wrong here? Thanks.
User avatar
MrEen
Level 23
Level 23
Posts: 18345
Joined: Mon Jun 12, 2017 8:39 pm

Re: How to verify the ISO image on Windows

Post by MrEen »

Hi Chuck1991, and welcome to the forum.

Looks like you grabbed the wrong sha256sum.txt file.

12ccfa2494acf761b2f5a3379ed770495d97051c3944571d5ad5e7c50d11c975 is the correct return for 20.1 MATE

EDIT: Just searched and found the 43c.... return belongs to the beta.
Chuck1991

Re: How to verify the ISO image on Windows

Post by Chuck1991 »

MrEen,
I downloaded the correct sha256sum.txt and sha256sum.txt.gpg files from https://linuxmint.com/verify.php and trashed the ones I had gotten from the mirror sites. The verification (integrity) and authenticity checks worked just fine. I never would have thought the mirror sites had the wrong files. Thank you for your help.
t42
Level 11
Level 11
Posts: 3683
Joined: Mon Jan 20, 2014 6:48 pm

Re: How to verify the ISO image on Windows

Post by t42 »

Chuck1991 wrote: Sat Jan 09, 2021 5:12 am I never would have thought the mirror sites had the wrong files.
JFR, now both ftp, Oklahoma and Harvard, contain correct checksum files, as MrEen said, you probably got beta checksums.
-=t42=-
User avatar
MrEen
Level 23
Level 23
Posts: 18345
Joined: Mon Jun 12, 2017 8:39 pm

Re: How to verify the ISO image on Windows

Post by MrEen »

I'm glad it all worked out. When I had checked, OK did have the proper sha file. Maybe there was a caching issue or something, but that's just a guess.
Mint584

Re: How to verify the ISO image on Windows

Post by Mint584 »

I thought I found my answer in a post to this thread on 10-11-19 but the OP never replied back with his Windows OS. First time attempting to load Mint, but after successfully completing all the downloading and saving of the three files I can not get the integrity test to work. When I type in CertUtil -hashfile filename SHA256, I get an error that the hashfile command will not accept the SHA256 and there are too many arguments. Below is what is contained in the command window (not sure how to copy and paste the actual window here). My system is running Windows Vista. Any thoughts on a work around for this. Thanks


C:\Users\Dad\Desktop\Linux Mint 32bit Download>CertUtil -hashfile linuxmint-19.3
-cinnamon-32bit.iso SHA256
Expected no more than 1 args, received 2
CertUtil: Too many arguments

Usage:
CertUtil [Options] -hashfile InFile
Generate and display cryptographic hash over a file

Options:
-gmt -- Display times as GMT
-seconds -- Display times with seconds and milliseconds
-v -- Verbose operation
-privatekey -- Display private key data

CertUtil -? -- Display a verb list (command list)
CertUtil -hashfile -? -- Display help text for the "hashfile" verb
CertUtil -v -? -- Display all help text for all verbs
User avatar
JoeFootball
Level 13
Level 13
Posts: 4674
Joined: Tue Nov 24, 2009 1:52 pm
Location: /home/usa/mn/minneapolis/joe

Re: How to verify the ISO image on Windows

Post by JoeFootball »

Mint584 wrote: Expected no more than 1 args, received 2
CertUtil: Too many arguments

Usage:
CertUtil [Options] -hashfile InFile
I don't have Windows Vista to confirm, but I'm going to guess that the Vista version of CertUtil is different than the current one, where on the documentation page it shows ...

certutil [options] -hashfile infile [hashalgorithm]

... where yours is different, and thus the too many arguments error.

What's the output for: CertUtil -?
Mint584

Re: How to verify the ISO image on Windows

Post by Mint584 »

Here is the response I get to CertUtil -?


C:\Users\Dad\Desktop\Linux Mint 32bit Download>CertUtil -?

Verbs:
-dump -- Dump configuration information or files
-asn -- Parse ASN.1 file

-decodehex -- Decode hexadecimal-encoded file
-decode -- Decode Base64-encoded file
-encode -- Encode file to Base64

-deny -- Deny pending request
-resubmit -- Resubmit pending request
-setattributes -- Set attributes for pending request
-setextension -- Set extension for pending request
-revoke -- Revoke Certificate
-isvalid -- Display current certificate disposition

-getconfig -- Get default configuration string
-ping -- Ping Active Directory Certificate Services Request interf
ace
-pingadmin -- Ping Active Directory Certificate Services Admin interfac
e
-CAInfo -- Display CA Information
-ca.cert -- Retrieve the CA's certificate
-ca.chain -- Retrieve the CA's certificate chain
-GetCRL -- Get CRL
-CRL -- Publish new CRLs [or delta CRLs only]
-shutdown -- Shutdown Active Directory Certificate Services

-installCert -- Install Certification Authority certificate
-renewCert -- Renew Certification Authority certificate

-schema -- Dump Certificate Schema
-view -- Dump Certificate View
-db -- Dump Raw Database
-deleterow -- Delete server database row

-backup -- Backup Active Directory Certificate Services
-backupDB -- Backup Active Directory Certificate Services database
-backupKey -- Backup Active Directory Certificate Services certificate
and private key
-restore -- Restore Active Directory Certificate Services
-restoreDB -- Restore Active Directory Certificate Services database
-restoreKey -- Restore Active Directory Certificate Services certificate
and private key
-dynamicfilelist -- Display dynamic file List
-databaselocations -- Display database locations
-hashfile -- Generate and display cryptographic hash over a file

-store -- Dump certificate store
-addstore -- Add certificate to store
-delstore -- Delete certificate from store
-verifystore -- Verify certificate in store
-repairstore -- Repair key association or update certificate properties o
r key security descriptor
-viewstore -- Dump certificate store
-viewdelstore -- Delete certificate from store

-dsPublish -- Publish certificate or CRL to Active Directory

-Template -- Display templates
-TemplateCAs -- Display CAs for template
-CATemplates -- Display templates for CA
-InstallDefaultTemplates -- Install default certificate templates
-URLCache -- Display or delete URL cache entries
-pulse -- Pulse autoenrollment events
-MachineInfo -- Display Active Directory machine object information
-DCInfo -- Display domain controller information
-EntInfo -- Display enterprise information
-TCAInfo -- Display CA information
-SCInfo -- Display smart card information

-SCRoots -- Manage smart card root certificates

-verifykeys -- Verify public/private key set
-verify -- Verify certificate, CRL or chain
-sign -- Re-sign CRL or certificate

-vroot -- Create/delete web virtual roots and file shares
-vocsproot -- Create/delete web virtual roots for OCSP web proxy
-oid -- Display ObjectId or set display name
-error -- Display error code message text
-getreg -- Display registry value
-setreg -- Set registry value
-delreg -- Delete registry value

-ImportKMS -- Import user keys and certificates into server database fo
r key archival
-ImportCert -- Import a certificate file into the database
-GetKey -- Retrieve archived private key recovery blob
-RecoverKey -- Recover archived private key
-MergePFX -- Merge PFX files
-ConvertEPF -- Convert PFX files to EPF file
-? -- Display this usage message


CertUtil -? -- Display a verb list (command list)
CertUtil -dump -? -- Display help text for the "dump" verb
CertUtil -v -? -- Display all help text for all verbs

CertUtil: -? command completed successfully.
User avatar
JoeFootball
Level 13
Level 13
Posts: 4674
Joined: Tue Nov 24, 2009 1:52 pm
Location: /home/usa/mn/minneapolis/joe

Re: How to verify the ISO image on Windows

Post by JoeFootball »

Mint584 wrote: Here is the response I get to CertUtil -?
Based on this, and what I see (and don't see) in search results, I'm beginning to think that CertUtil for Vista doesn't support SHA256.

Try your command without the SHA256 argument that it doesn't like, to see what happens: CertUtil -hashfile linuxmint-19.3-cinnamon-32bit.iso

Unsolicited Side Note: I noticed that you selected a 32-bit ISO. If this is indeed 32-bit hardware, which makes it most likely dated, you may have better performance with LM 19.2 Xfce, which leverages a "lighter" desktop, and defaults to the 4.15.x kernel that works well with older hardware, which you can subsequently upgrade to LM 19.3 if you wanted. Or otherwise, you could do whatever you want and change your mind later. :)

Edit: I searched for "open source sha256 windows" and found QuickHash GUI. I've never used it nor heard of it (though I've not been in the market for such a solution), but it's open source, and looks to be maintained. Just thought this may be a workaround solution for CertUtil on Vista. Your call.
Mint584

Re: How to verify the ISO image on Windows

Post by Mint584 »

When I leave off the SHA256 i get a SHA1 hash which doesnt match.

Thanks for the advice on an alternative Mint version. This is an older (2007) HP laptop so since it was running the 32 bit version of Vista I thouht I would have to stick with the 32 bit Mint version.
User avatar
JoeFootball
Level 13
Level 13
Posts: 4674
Joined: Tue Nov 24, 2009 1:52 pm
Location: /home/usa/mn/minneapolis/joe

Re: How to verify the ISO image on Windows

Post by JoeFootball »

Mint584 wrote: When I leave off the SHA256 i get a SHA1 hash which doesnt match.
Yep, that's what I suspected. SHA1 is Vista-era algorithm that has since been deprecated by those who know better. I'd look into that QuickHash app as an alternative to get SHA256.
Mint584 wrote:Thanks for the advice on an alternative Mint version. This is an older (2007) HP laptop so since it was running the 32 bit version of Vista I thouht I would have to stick with the 32 bit Mint version.
Could be. One way to find out for sure is try to boot a live session of a 64-bit OS. If it works, the hardware is 64-bit. If not, it's 32-bit. Regardless of architecture, keep the LM 19.2 Xfce option in mind. I still use it with the 4.15.x kernel on all my older systems with success.
Mint584

Re: How to verify the ISO image on Windows

Post by Mint584 »

Thanks again for all your help. I'm not sure how to boot a live session of a 64 bit version. Ill search on the site for more info.
User avatar
JoeFootball
Level 13
Level 13
Posts: 4674
Joined: Tue Nov 24, 2009 1:52 pm
Location: /home/usa/mn/minneapolis/joe

Re: How to verify the ISO image on Windows

Post by JoeFootball »

Mint584 wrote: Thanks again for all your help.
You're welcome. :)
Mint584 wrote: I'm not sure how to boot a live session of a 64 bit version.
It's part of the installation process. Basically, you download the ISO, verify it, create a bootable DVD or USB from it, then use that to boot to a live session to try out Linux Mint, and from there select the Install icon.

https://linuxmint-installation-guide.re ... en/latest/
Chuck1991

Re: How to verify the ISO image on Windows

Post by Chuck1991 »

I was successful at verifying a Mint "Mate" ISO, got a boot USB made and tested it on my 10-year old computer. It worked just fine. Then I decided to bite the bullet and get a new computer, a Dell G5. I also decided to go with "Cinnamon" and so started all over. So now when I try to verify at the CMD prompt, I get this:

C:\Users\chuck\Documents\ISO> sha256sum -b *.iso
'sha256sum' is not recognized as an internal or external command,
operable program or batch file.

I went back to my old computer and tried to run the verify there. Where I had had success before, it now gives me the same response as above. Is there another way to verify? Thanks.
User avatar
JoeFootball
Level 13
Level 13
Posts: 4674
Joined: Tue Nov 24, 2009 1:52 pm
Location: /home/usa/mn/minneapolis/joe

Re: How to verify the ISO image on Windows

Post by JoeFootball »

Chuck1991 wrote: C:\Users\chuck\Documents\ISO> sha256sum -b *.iso
'sha256sum' is not recognized as an internal or external command,
operable program or batch file.
Looks like you're trying to execute a Linux command on a Windows computer, which won't work. As detailed in the Windows tutorial try the CertUtil command.
Chuck1991

Re: How to verify the ISO image on Windows

Post by Chuck1991 »

JoeFootball,
Thank you. I was repeating my steps from memory instead of rereading the instructions. As a chief engineer once said some 40+ years ago: "I'd so much rather see a person malfunction than a machine." :lol:
Locked

Return to “Tutorials”