1
I've been attempting to install Linux Mint 18 on a hard drive for a while now, but I continuously run into an error when I try to use gpg --verify
. The exact error is as follows:
$ sudo gpg --verify sha256sum.txt.gpg sha256sum.txt
gpg: Signature made Thu 30 Jun 2016 05:13:33 AM MDT using RSA key ID A25BAE09
gpg: BAD signature from "Linux Mint ISO Signing Key <root@linuxmint.com>"
UPDATE: Now that I'm retrying all the steps to make sure I did everything correctly, I run into this error when I attempt to import the keys with the commands given on the Linux Mint website, here.
$ gpg --keyserver keyserver.ubuntu.com --recv-key "27DE B156 44C6 B3CF
3BD7
D291 300F 846B A25B AE09"
gpg: requesting key A25BAE09 from hkp server keyserver.ubuntu.com
gpg: [don't know]: invalid packet (ctb=22)
gpg: keydb_get_keyblock failed: eof
gpg: [don't know]: invalid packet (ctb=22)
gpg: /home/morsira/.gnupg/pubring.gpg: copy to `/home/morsira/.gnupg
/pubring.gpg.tmp' failed: invalid packet
gpg: error writing keyring `/home/morsira/.gnupg/pubring.gpg': invalid
packet
gpg: [don't know]: invalid packet (ctb=22)
gpg: keydb_search failed: invalid packet
gpg: key A25BAE09: public key "[User ID not found]" imported
gpg: error reading `[stream]': invalid packet
gpg: Total number processed: 0
gpg: imported: 1 (RSA: 1)
Maybe the signature is, in fact, bad. Though why are you using
sudo
for gpg? Also, where did you obtain the .txt file from? – user1686 – 2016-07-25T05:15:46.820The website for Linux Mint has .txt and .gpg.txt files that are apparently supposed to be saved in the same directory as the .iso image. I used
sudo
because I'm pretty terrible at this and thought that it might have some effect. – Morsira – 2016-07-25T05:20:15.063sudo
is utterly not needed for something like this and if your verification fails, then the image could be damaged. Just follow the instructions here on the official Linux Mint page and you should be solid. – JakeGould – 2016-07-25T05:36:52.847Okay, thank you. One other thing, that may or may not be relevant: when I used
sha256sum
the checksum matched what the site said it should be in the sha256sum.txt file I downloaded. Why would the results be different when I verified the file? – Morsira – 2016-07-25T05:42:04.190I can't answer why they would be different (other than your command not doing what you thought it should do), but if you got a matching checksum the other way, there's no way itt would match by chance. So you're good. – fixer1234 – 2016-07-25T06:32:43.613
I more have a problem with the error message that's given when I boot up in the OS. That's the biggest reason why I want to verify my .iso. – Morsira – 2016-07-25T06:42:25.927
Mint created a convoluted procedure to verify the ISO because they were once hacked. Your verification errors may relate to that process rather than the checksum. If you manually compared the sha256 values and they matched, I wouldn't be concerned with issues with this verification procedure. If you're getting an error message when you boot Mint, that's a completely different issue, and not likely related to the ISO being corrupted (although it's great that you're trying to rule that out). People may be able to identify the real problem if you add info about the boot problem. – fixer1234 – 2016-07-25T07:00:23.963
I can't quite remember the error that was given, but a forum that I was looking on for answers had a user that attributed it to an .iso that wasn't properly validated when installing the OS with Unetbootin, which is what I'm currently using to install Mint. – Morsira – 2016-07-25T07:04:34.287