On 05/01/13 21:54, James Freer wrote: <snip>
That's the iso i used and seemed to be ok installed. But i can't exit root; from either using the root terminal or synaptic... apart from reboot.
Not sure what you mean.
gpg seems complicated to me! I just do sha or md5sum /dev/scd0 and then copy the output to editor where i've pasted the correct output. I thought that was the way everyone did it.
You need to verify the signature to the sums file if you want to make sure the image didn't get tampered with on the way to you. Of course, this does give you the problem of verifying the gpg (OpenPGP) key. :) This is solvable by key signing in person and the web of trust or just downloading the key and crossing your fingers :D If you just want to test for accidental image corruption then what you did is enough but you should think about gpg.
The Debian package manager uses gpg to verify the package database files (which includes sums) it downloads and then verifies these sums on the packages it downloads. This is like the manual steps you can do with the installer images.
Mike.