Difference between revisions of "Quartz64 Installing Arch Linux ARM"

Jump to navigation Jump to search
m
→‎Fetching The Root File System Tarball: since we do signature verification, we can drop the https requirement now
(found the key after all.)
m (→‎Fetching The Root File System Tarball: since we do signature verification, we can drop the https requirement now)
Line 13: Line 13:
== Fetching The Root File System Tarball ==
== Fetching The Root File System Tarball ==


Fetch the root filesystem tarball over HTTPS from the de3 mirror, the autoselect mirror is broken and will sometimes feed you mirrors with broken HTTPS.
Fetch the root filesystem tarball and the PGP signature


  $ wget -N https://de3.mirror.archlinuxarm.org/os/ArchLinuxARM-aarch64-latest.tar.gz{,.sig}
  <nowiki>$ wget -N http://os.archlinuxarm.org/os/ArchLinuxARM-aarch64-latest.tar.gz{,.sig}</nowiki>


Fetch the gpg keys:
Fetch the gpg keys:


  $ curl 'https://keyserver.ubuntu.com/pks/lookup?op=get&search=0x68b3537f39a313b3e574d06777193f152bdbe6a6' | gpg --import=-
  <nowiki>$ curl 'https://keyserver.ubuntu.com/pks/lookup?op=get&search=0x68b3537f39a313b3e574d06777193f152bdbe6a6' | gpg --import=-</nowiki>
 
Compare the key ID provided in the above command with the one listed here: https://archlinuxarm.org/about/package-signing (Take good note of the domain and HTTPS)


Verify the tarball's authenticity
Verify the tarball's authenticity


  $ gpg --verify ArchLinuxARM-aarch64-latest.tar.gz.sig
  $ gpg --verify ArchLinuxARM-aarch64-latest.tar.gz.sig
{{note|Do not skip verifying the authenticity. This is important. It also protects you from prematurely aborted transfers giving you a corrupt archive.}}


== Installing The Root File System ==
== Installing The Root File System ==
492

edits

Navigation menu