Fix live image integrity check

"gpg SHA512SUMS.sign" would do the right thing only if the file actually contained a detached signature. Use explicit and robust "gpg --verify SHA512SUMS.sign SHA512SUMS" instead.
6 years ago · d7a14b078c
parent 27bef99239
commit d7a14b078c
1 changed files with 1 additions and 1 deletions
--- a/README.md
+++ b/README.md
@ -72,7 +72,7 @@ $ curl -LfO https://cdimage.debian.org/debian-cd/current-live/amd64/iso-hybrid/S

 $ !!.sign

-$ gpg SHA512SUMS.sign
+$ gpg --verify SHA512SUMS.sign SHA512SUMS
 [...]
 gpg: Good signature from "Debian CD signing key <debian-cd@lists.debian.org>" [unknown]
 [...]