How to verify the Talis ISO image

Fig.01: How to verify the Talis ISO image

Fig.01: How to verify the Talis ISO image

The following instuctions exaplins how to verify the tails ISO images. I tested them on Ubuntu Linux system.

First download the tails ISO CD image

$ wget http://dl.amnesia.boum.org/tails/stable/tails-i386-2.0/tails-i386-2.0.iso
Sample outputs:

2.0/tails-i386-2.0.iso
--2016-01-27 03:24:14--  http://dl.amnesia.boum.org/tails/stable/tails-i386-2.0/tails-i386-2.0.iso
Resolving dl.amnesia.boum.org (dl.amnesia.boum.org)... 151.80.190.129, 158.36.190.173, 176.9.38.37, ...
Connecting to dl.amnesia.boum.org (dl.amnesia.boum.org)|151.80.190.129|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 1135089664 (1.1G) [application/x-iso9660-image]
Saving to: 'tails-i386-2.0.iso'
 
 4% [>                               ] 46,793,301  1.07MB/s  eta 13m 56s

Download CRYPTOGRAPHIC SIGNATURE key for the ISO

$ wget https://tails.boum.org/torrents/files/tails-i386-2.0.iso.sig
Sample outputs:

--2016-01-27 03:29:44--  https://tails.boum.org/torrents/files/tails-i386-2.0.iso.sig
Resolving tails.boum.org (tails.boum.org)... 204.13.164.188
Connecting to tails.boum.org (tails.boum.org)|204.13.164.188|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 801 [application/pgp-signature]
Saving to: 'tails-i386-2.0.iso.sig'
 
100%[===============================>] 801         --.-K/s   in 0s      
 
2016-01-27 03:29:44 (51.1 MB/s) - 'tails-i386-2.0.iso.sig' saved [801/801]

Download Talis signing key

$ wget https://tails.boum.org/tails-signing.key
Sample outputs:

Resolving tails.boum.org (tails.boum.org)... 204.13.164.188
Connecting to tails.boum.org (tails.boum.org)|204.13.164.188|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 84791 (83K) [application/pgp-keys]
Saving to: 'tails-signing.key'
 
100%[===============================>] 84,791       512KB/s   in 0.2s   
 
2016-01-27 03:30:12 (512 KB/s) - 'tails-signing.key' saved [84791/84791]

Verify the ISO

Type the following command:
$ ls -l
Sample outputs:

total 1108580
-rw-rw-r-- 1 vivek vivek 1135089664 Jan 25 18:25 tails-i386-2.0.iso
-rw-rw-r-- 1 vivek vivek        801 Jan 26 16:47 tails-i386-2.0.iso.sig
-rw-rw-r-- 1 vivek vivek      84791 Dec 24 08:09 tails-signing.key

Import Tails signing key

Type the following gpg command:
$ gpg --keyid-format long --import tails-signing.key
Sample outputs:

gpg: directory `/home/vivek/.gnupg' created
gpg: new configuration file `/home/vivek/.gnupg/gpg.conf' created
gpg: WARNING: options in `/home/vivek/.gnupg/gpg.conf' are not yet active during this run
gpg: keyring `/home/vivek/.gnupg/secring.gpg' created
gpg: keyring `/home/vivek/.gnupg/pubring.gpg' created
gpg: /home/vivek/.gnupg/trustdb.gpg: trustdb created
gpg: key DBB802B258ACD84F: public key "Tails developers (offline long-term identity key) " imported
gpg: Total number processed: 1
gpg:               imported: 1  (RSA: 1)
gpg: no ultimately trusted keys found

Finally start the cryptographic verification for the ISO image

$ gpg --keyid-format 0xlong --verify tails-i386-2.0.iso.sig tails-i386-2.0.iso
This will take a little time:

gpg: Signature made Mon 25 Jan 2016 06:07:15 PM CST
gpg:                using RSA key 0x98FEC6BC752A3DB6
gpg: Good signature from "Tails developers (offline long-term identity key) <tails@boum.org>"
gpg:                 aka "Tails developers <tails@boum.org>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: A490 D0F4 D311 A415 3E2B  B7CA DBB8 02B2 58AC D84F
     Subkey fingerprint: BA2C 222F 44AC 00ED 9899  3893 98FE C6BC 752A 3DB6

Examples and usage: Download of the day: Tails Linux 2.0 ISO CD/DVD

Leave a Comment