≡ Menu


Get Free Interactive Shell Access to Linux / BSD and UNIX Like Operating Systems

From my mail bag:

Where can I get free interactive access to HP-UX or Linux distro or UNIX shell access?

You can simply grab and try out any Linux / BSD / Solaris Live CD. However, some time you cannot install and use particular UNIX like os. So, if you want to try the latest technologies over the Internet? Try HP TestDrive program:

This program allows you to testdrive some of the hottest hardware and operating systems available today. Have you ever wanted to try out HP's exciting 64-bit Integrity and PA-RISC technology? Get time on SMP x86 and Opteron ProLiant servers? Try out a Blade server. Try different Open Source operating systems such as FreeBSD, Suse, Redhat, Debian and other Linux distributions.

This program is perfect for students and new users to try out and learn basis of UNIX. You can also try and test your C/C++ programs using latest Intel compilers. It is intended for those users who want to sample the 32- and 64-bit servers running a variety of HP, UNIX, Linux and third-party operating systems and applications.

=> HP Test Drive Program [hp.com]

Howto: Verify integrity of the tar balls or source code

Verifying integrity of the tar balls or source code is an essential step, which makes sure that you are going to use guanine software (also know as checksum). Every Linux or UNIX admin should be aware of this test. However, what is a checksum? A checksum is a form of a very simple measure for protecting the integrity of data from both hackers (read as crackers) and data transmission error over network i.e. make sure no one has tampered with a source file (see checksum @ wikipedia) For file verification, use any one of the following command:

  1. sha1sum - check SHA1 (160-bit) checksums
  2. md5sum - check MD5 (128-bit) checksums
  3. gpg - Use to validate a GPG certificate

Therefore, whenever you visit source-code download site, you will come across md5sum, sha1sum, or gpg signature keys listed. Following is general syntax to verify keys with different commands:

  • sha1sum {source-code-file-name}
  • md5sum {source-code-file-name}
  • gpg --verify {source-code-file-name.sig} {source-code-file-name}

Examples ~ sure, without examples no one able to grasp the idea:

Howto: Verify integrity of the tar balls with gpg command

GnuPG is a complete and free replacement for PGP. You will use gpg command to validate a GPG certificate. For example, purpose download Apahce-web server tar ball. Visit Apache web site to download latest version of Apache. As usual, use wget command:

$ wget http://www.apache.org/dist/httpd/httpd-2.0.55.tar.gz

Next download gpg key listed next to download link:
$ wget http://www.apache.org/dist/httpd/httpd-2.0.55.tar.gz.asc

How do I verify integrity of the tar ball?

Use gpg command as follows:
$ gpg httpd-2.0.55.tar.gz.asc

gpg: Signature made Monday 10 October 2005 07:05:15 AM IST using RSA key ID 10FDE075
gpg: Can't check signature: public key not found

You will see an error message 'Can't check signature: public key not found'. It means you need to get the key (called 10FDE075) and install it in your public keyring. You can download key from free public key server such as pgpkeys.mit.edu

$ gpg --keyserver pgpkeys.mit.edu --recv-key 10FDE075

gpg: requesting key 10FDE075 from hkp server pgpkeys.mit.edu
gpg: key 10FDE075: duplicated user ID detected - merged
gpg: key 10FDE075: public key "wrowe@covalent.net" imported
gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
gpg: depth: 0  valid:   1  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 1u
gpg: Total number processed: 1
gpg:               imported: 1  (RSA: 1)

Once the key is installed, use the following command to check the certificate of a source code file/tar ball:
$ gpg --fingerprint 10FDE075
$ gpg --verify httpd-2.0.55.tar.gz.asc httpd-2.0.55.tar.gz

Online References:

How To Verify Integrity of The Tar Balls With md5sum Command

md5sum command is use to check or print MD5 (128-bit) checksums. For example purpose download your favorite Linux distribution from Linux distribution web site / project site. Now you will need to to check md5sum on a Linux ISO file.

1) Download Debian linux # 1 ISO please note down md5sum listed next to each ISO file with the help of wget command:
$ wget http://someproject.org/path/to/isofile.iso

2) Verify integrity of a Linux iso:
$ md5sum isofile.iso

a0b162e26281ef097ee8b39b8690a8c2 isofile.iso

Compare output (a0b162e26281ef097ee8b39b8690a8c2) with key listed online at linuxiso.org's site.

You can read MD5 sums from the FILEs and check them:
$ md5sum -c xcache-1.2.2.tar.gz.md5.txt
Sample output:

xcache-1.2.2.tar.gz: OK

Online References:

Howto: Verify integrity of the tar balls with sha1sum command

sha1sum command is use to check or print SHA1 (160-bit) checksums. For example purpose you will use my favorite Linux chat client called zinc, visit zinc web site to download chat client, note down sha1 key listed next to download file.

1) Use wget to download zinc
$ wget http://larvalstage.com/zinc/files/zinc-1.1rc2.tar.gz

2) Verify integrity of the tar balls with sha1sum
$ sha1sum zinc-1.1rc2.tar.gz
b78b915c787e9deb3a9a5199785e4b3607092536 zinc-1.1rc2.tar.gz

Compare key b78b915c787e9deb3a9a5199785e4b3607092536 with key listed online.

Read more of the Howto: Verify integrity of the tar balls or source code