better way to verify install media

[bobOnGitHub]

Hi,
Just downloading Alma Linux for a look-see and going through the verification process.

At https://wiki.almalinux.org/release-notes/8.5.html#installation-instructions
You suggest:

# calculate the downloaded ISO SHA256 checksum
$ sha256sum AlmaLinux-8.5-x86_64-boot.iso
65b3b4c17ce322081e2d743ee420b37b7213f4b14d2ec4f3c4f026d57aa148ec  AlmaLinux-8.5-x86_64-boot.iso

# compare it with expected checksum, it should be the same
$ cat CHECKSUM | grep -E 'SHA256.*AlmaLinux-8.5-x86_64-boot.iso'
SHA256 (AlmaLinux-8.5-x86_64-boot.iso) = 65b3b4c17ce322081e2d743ee420b37b7213f4b14d2ec4f3c4f026d57aa148ec

Which is perfectly good :) but you could use:

$ sha256sum -c CHECKSUM --ignore-missing
AlmaLinux-8.5-x86_64-dvd.iso: OK
sha256sum: WARNING: 17 lines are improperly formatted

which is easier if you're a human :)

[bennyvasquez]

@bobOnGitHub that's definitely something worth adding. Do you want to submit a pull request with the update, adding it as an option?

[bobOnGitHub]

Hi @bennyvasquez , just took a quick look at that again and I think what really needs to be done is a new mini/sub topic somewhere called "verifying your AlmaLinux downioad" and then link to that for each release. At the moment the information is repeated for every release. Otherwise the change has to be done for all existing and future releases.

As someone needs to decide where that would go and I'm not familiar with how it all hangs together ( was about to clone the repo and start poking around ) I'll leave it to someone who is already familiar with what you're doing.

Feel free 😃