New OpenBSD 5.6 has been released. It is time to give it a try.
In the installation maunal, There is a section “Verifying the OpenBSD Installation Media”.
signify command is used for verification.
signify -C -p /etc/signify/openbsd-56-base.pub -x SHA256.sig cd56.iso
cd56.iso can be obtained from the mirror. However,
openbsd-56-base.pub file is not available. In addition, there is no
signify in default OS X installation.
signify to verify the install media, we can do the following:
brew install signify-osx
- Copy the public key from http://www.openbsd.org/56.html and create a file to store the key. It is required that the file must start with “untrusted comment: “.
untrusted comment: signify public key for OpenBSD 5.6 RWR0EANmo9nqhpPbPUZDIBcRtrVcRwQxZ8UKGWY8Ui4RHi229KFL84wV
- Verify. In my case, I verify the
install56.fswhich is for creating bootable USB. In my case, every file is in the same directory.
signify -C -p 56.pub -x SHA256.sig install56.fs
The final result should look like this.
Signature Verified install56.fs: OK