How to verify to Oracle Linux Download checksum
Oracle Linux downloads can be verified to ensure that they are exactly the downloads as published by Oracle and that they were downloaded without any corruption.
This page describes the steps to verify the integrity of Oracle Linux downloads regardless of download source.
To verify Oracle Linux Downloads, you need:
The checksum file contains a list of files that are part of a download package with the corresponding checksums as well as a GPG signature. The GPG signature enables anyone to verify that checksum file was published by Oracle. The steps below describe how to verify they checksum file itself and then verify the contents of the Oracle Linux download by checking against the checksum file.
First, import the Oracle Linux GPG key corresponding to your Oracle Linux release:
# curl https://yum.oracle.com/RPM-GPG-KEY-oracle-ol8 | gpg --import
# curl https://yum.oracle.com/RPM-GPG-KEY-oracle-ol7 | gpg --import
# curl https://yum.oracle.com/RPM-GPG-KEY-oracle-ol6 | gpg --import
Download the appopriate checksum file and place it in the same directory as the Oracle Linux download.
To verify the checksum file:
$ gpg --verify-files <checksum-file> Sample Command: $ gpg --verify-file OracleLinux-R8-U1-Server-x86_64.checksum
After verifying the checksum file, verify the download as follows:
$ grep <ISO filename> <checksum-file> | sha256sum -c Sample Command: $ grep OracleLinux-R8-U1-Server-x86_64.iso OracleLinux-R8-U1-Server-x86_64.checksum | sha256sum -c
# curl https://yum.oracle.com/RPM-GPG-KEY-oracle-ol8 -o RPM-GPG-KEY-oracle
# gpg --quiet --keyid-format 0xlong --with-fingerprint RPM-GPG-KEY-oracle
pub 4096R/0x82562EA9AD986DA3 2019-04-09 [SC] [expires: 2039-04-04]
Key fingerprint = 76FD 3DB1 3AB6 7410 B89D B10E 8256 2EA9 AD98 6DA3
uid Oracle OSS group (Open Source Software group)
sub 4096R/0x222F15DFD95DC12B 2019-04-09 [E] [expires: 2039-04-04]
# curl https://yum.oracle.com/RPM-GPG-KEY-oracle-ol7 -o RPM-GPG-KEY-oracle
# gpg --quiet --with-fingerprint RPM-GPG-KEY-oracle
pub 2048R/EC551F03 2010-07-01 Oracle OSS group (Open Source Software group) <build@oss.oracle.com>
Key fingerprint = 4214 4123 FECF C55B 9086 313D 72F9 7B74 EC55 1F03
# curl https://yum.oracle.com/RPM-GPG-KEY-oracle-ol6 -o RPM-GPG-KEY-oracle # gpg --quiet --with-fingerprint RPM-GPG-KEY-oracle pub 2048R/EC551F03 2010-07-01 Oracle OSS group (Open Source Software group) <build@oss.oracle.com> Key fingerprint = 4214 4123 FECF C55B 9086 313D 72F9 7B74 EC55 1F03
Oracle Linux 8
Oracle Linux 7
Oracle Linux 6