Verify OpenBSD install media from OS X

Posted on

New OpenBSD 5.6 has been released. It is time to give it a try.

In the installation maunal, There is a section “Verifying the OpenBSD Installation Media”. signify command is used for verification.

signify -C -p /etc/signify/ -x SHA256.sig cd56.iso

The SHA256.sig and cd56.iso can be obtained from the mirror. However, file is not available. In addition, there is no signify in default OS X installation.

To use signify to verify the install media, we can do the following:

  1. Install signify from either port or homebrew.
brew install signify-osx
  1. Copy the public key from and create a file to store the key. It is required that the file must start with “untrusted comment: “.
untrusted comment: signify public key for OpenBSD 5.6
  1. Verify. In my case, I verify the install56.fs which is for creating bootable USB. In my case, every file is in the same directory.
signify -C -p -x SHA256.sig install56.fs

The final result should look like this.

Signature Verified
install56.fs: OK