Fedora

Verify your ISO download.

Windows user? Follow these instructions instead.

Once you have downloaded an ISO, verify it for security and integrity. If you downloaded your ISO via BitTorrent, the file has already been verified as part of the download process (just make sure that you got the torrent from torrent.fedoraproject.org). Otherwise, to verify your ISO, start by downloading the proper SHA1SUM file into the same directory as the ISO:

Install DVD / Rescue CD

• i386
• x86_64
• ppc

Live Media (both GNOME and KDE)

• i386
• x86_64

Next, import Fedora's GPG key:

$ wget https://fedoraproject.org/static/fedora.gpg
$ gpg --import fedora.gpg

Now, to verify that the SHA1SUM file is valid, make sure that it has a good signature from the key ID 4F2A6FD2.

$ gpg --verify SHA1SUM

Finally, now that the SHA1SUM file has been verified, check that the ISO's checksum matches:

$ sha1sum -c SHA1SUM

If the output states that the file is valid, you're good to go!

Copyright © 2008 Red Hat, Inc. and others. All Rights Reserved. For comments or queries, please contact us.

The Fedora Project is maintained and driven by the community and sponsored by Red Hat. This is a community maintained site. Red Hat is not responsible for content.

• Sponsors
• Legal
• Trademark Guidelines