{{Header}} __FORCETOC__
{{Title|title=
Verify {{project_name_long}} Images Software Signatures
}}
{{#seo:
|description=Download image verification instructions for {{non_q_project_name_short}} with OpenPGP and Signify.
|image=Verify_images.png
}}
[[File:Verify_images.png|200px|thumb]]
{{intro|
Download image verification instructions for {{non_q_project_name_short}} with OpenPGP and Signify.
}}
{{always_verify_signatures_reminder}}
{{Tab
|type=controller
|content=
{{Tab
|title= = OpenPGP / Signify =
|image=[[File:GnuPG-Logo.svg|25px]] [[File:Signify_Logo.svg|25px]]
|active=true
|addToClass=info-box
|content=
{{Tab
|type=controller
|content=

{{Tab
|title= = ISO =
|image=[[File:Cd-rom-icon.png|25px]]
|addToClass=info-box
|content=
Steps to verify the ISO image depend on the operating system in use:

* [[File:Tux.png|15px|link=]] [[Verify the images using Linux|Linux using GPG and/or Signify]]
* [[File:Windows_logo_-_2012.svg.png|15px|link=]] [[Verify_the_images_using_Windows|Windows using Gpg4win]]
* [[File:rsz_osx.png|15px]] [[Verify_the_images_using_macOS|macOS using GPGTools]]
}} <!-- close tab: ISO -->

{{Tab
|title= = VirtualBox =
|image=[[File:Virtualbox_logo.png|25px]]
|addToClass=info-box
|content=
Steps to verify the virtual machine images depend on the operating system in use:

* [[File:Tux.png|15px|link=]] [[Verify the images using Linux|Linux using GPG and/or Signify]]
* [[File:Windows_logo_-_2012.svg.png|15px|link=]] [[Verify_the_images_using_Windows|Windows using Gpg4win]]
* [[File:rsz_osx.png|15px]] [[Verify_the_images_using_macOS|macOS using GPGTools]]

Also see: [[VirtualBox/Appliance is not signed|VirtualBox <code>Appliance is not signed</code> Error Message]].

}} <!-- close tab: VirtualBox -->

{{Tab
|title= = KVM =
|image=[[File:Kvmbanner-logo26.png|25px]]
|addToClass=info-box
|content=
Refer to the KVM [[File:Tux.png|15px|link=]] [[Verify_the_images_using_Linux|Verify the images using Linux]] instructions.
}} <!-- close tab: KVM -->

{{Tab
|title= = Qubes =
|image=[[File:qubes-logo-blue.png|25px]]
|addToClass=info-box
|content=
[[Qubes|{{q_project_name_long}}]] templates digital software signatures are automatically verified when <code>qubes-dom0-update</code> downloads and installs them; manual user verification is unnecessary.

}} <!-- close tab: Qubes -->

}} <!-- close tab controller: VirtualBox, KVM, Qubes -->
}} <!-- close tab: OpenPGP Signatures -->

{{Tab
|title= = Codecrypt Signatures =
|addToClass=info-box
|image=[[File:Quantum-869533640.jpg|25px]]
|content=

[[PQCrypto#Codecrypt|Codecrypt]] signatures are not yet available, but are planned long term.

Volunteer contributions are happily considered! If you were to contribute <code>codecrypt</code> signature creation to the {{project_name_short}} [https://github.com/{{project_name_short}}/developer-meta-files/blob/master/usr/bin/dm-prepare-release <code>dm-prepare-release</code> script], then this feature could be provided much sooner.

If you would like to use codecrypt for software signature verification, please consider making a report in the [https://forums.whonix.org/t/use-codecrypt-to-sign-whonix-releases/7844 codecrypt forum thread]. This method might be supported sooner if there is sufficient interest.

}} <!-- close tab: Codecrypt Signatures -->
}} <!-- close tab controller: OpenPGP and Signify Codecrypt -->
= See Also =
* [[Signing_Key|Download the {{project_name_short}} Signing Key]]
* [[Verifying Software Signatures]]
* [[Trust|Placing Trust in {{project_name_short}}]]
* [[OpenPGP|OpenPGP key distribution strategies]]
* [[Software Signature Verification Usability Issues and Proposed Solutions]]

{{Footer}}

[[Category:Documentation]]

You are viewing proxied material from ftp.icm.edu.pl. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.