Boss has download Kali Linux into a pendrive and wants me to verify. He downloaded the image from https://www.kali.org/downloads/. There is an important steps before doing any installations. Which is to verify the signature of the image file.
Pretty much following the instruction in the webpage. But the only problem I found was boss didnt download the SHA1SUM files. I head over to the download page to get it download SHA1SUM files and put them into the folder together with the img file.
$ wget -q -O - https://www.kali.org/archive-key.asc | gpg --import
$ gpg --verify SHA1SUMS.gpg SHA1SUMS
Mistake done on the verifications. It should be this way below.
$ sha1sum kali-linux-2xx.x-amd64.iso
It will take sometime to calculate the md5 and display it on screen. Copy that md5 number and compare it against SHA1SUM (download from the download site). If its identical then its good to file and can proceed with installation.
Pretty much following the instruction in the webpage. But the only problem I found was boss didnt download the SHA1SUM files. I head over to the download page to get it download SHA1SUM files and put them into the folder together with the img file.
$ wget -q -O - https://www.kali.org/archive-key.asc | gpg --import
$ gpg --verify SHA1SUMS.gpg SHA1SUMS
Mistake done on the verifications. It should be this way below.
$ sha1sum kali-linux-2xx.x-amd64.iso
It will take sometime to calculate the md5 and display it on screen. Copy that md5 number and compare it against SHA1SUM (download from the download site). If its identical then its good to file and can proceed with installation.
