![Verify ubuntu download](https://kumkoniak.com/72.jpg)
In this case Alice should use its private key to generate a digital signature To verify Alice’s signature, Bob, (or any other person) uses Alice’s public key. Suppose Alice wants to distribute a public message this time: everyone should be able to read it, but a method is needed to verify that the message is authentic and was really written by Alice. That is gpg encryption the other thing we can do with gpg is to create a digital signature. Once the message is encrypted only Bob’s private key will be able to decrypt it.
![verify ubuntu download verify ubuntu download](https://vitux.com/wp-content/uploads/2019/05/word-image-138-768x124.png)
If Alice wants to send a private message to Bob, and wants to be sure that only Bob is able to read the message, she must encrypt it with Bob’s public key. If they want to benefit from the use of gpg, the first thing they must do is to exchange their public keys. Let’s say we have two persons: Alice and Bob. There are basically two things we can do with gpg: encrypting and signing. Each user generates a private and a public key: the former, as its name suggests, is strictly personal, and must be kept as safe as possible the latter, instead, can be distributed and freely accessed by the public. Gpg encryption is based on the use of key pairs. There is only one problem: how can we be sure that this file itself has not been altered? We must check its gpg signature! By the way, what is a gpg signature and what is the difference between signing and encrypting with gpg? Encrypting vs signing To be sure an ISO we downloaded was not altered, there is one simple thing to do: check that its checksum corresponds to the one indicated in the file which is usually available in the same page the ISO was downloaded from. Step 1 Verifying the gpg signature of the checksum file
VERIFY UBUNTU DOWNLOAD HOW TO
Here we will see how to perform both steps.
![verify ubuntu download verify ubuntu download](https://sourcedigit.com/wp-content/uploads/2016/11/disk-usage-analyzer-1.jpg)
Verifying the checksum provided in the file is the same of the one of the actual ISO.Verifying the signature of the file containing the checksum of the ISO.The steps involved in checking the integrity of a downloaded ISO are basically two:
![Verify ubuntu download](https://kumkoniak.com/72.jpg)