Linux-Noob Forums

Full Version: check your MD5 checksums !!
You're currently viewing a stripped down version of our content. View the full version with proper formatting.

Quote:the instructions here allow you to MD5SUM your downloaded ISO's in Windows using the file below, also, any reference to the MD5SUM's themselves MUST be check on [/url] as the MD5SUMS's below, are for Fedora Core Release 2 (not 1, 3 or 4 for that matter...)

If you are planning on downloading Fedora Core Release 2 (especially the 4 gb DVD iso) then check your md5 checksums, it will save you burning coasters


here are the checksums and attached is a tool which will allow you to check the checksums from within windows, just copy it to your c:\windows\system32 directory and do md5sum filename.ext


download md5sum.exe from here









Hash: SHA1


c366d585853768283dac6cdcefcd3a2d FC2-i386-disc1.iso

fc3c926442cc85a469268651bd04c186 FC2-i386-disc2.iso

5ad870e696953f4bbd0a91936873890e FC2-i386-disc3.iso

c736f8048b12315b5c0b070de1d74867 FC2-i386-disc4.iso

2d8a20014af287bf8c6b29f2da031f98 FC2-i386-DVD.iso

22f4bfca5baefe89f0e04166e738639f FC2-i386-rescuecd.iso

0c0268f26ed08d24880119e1b44d45e8 FC2-i386-SRPMS-disc1.iso

3d17a40489e8dcd3761f166ff264c712 FC2-i386-SRPMS-disc2.iso

4e798934b399eb78e9e67dec23d946bb FC2-i386-SRPMS-disc3.iso

5d84eb0aecea8bce8e4857d3e46136c3 FC2-i386-SRPMS-disc4.iso


Version: GnuPG v1.0.7 (GNU/Linux)






and this is the actual MD5SUM file for Fedora Core Release 2


plus.. once done, to verify it do as follows:-


[root@localhost root]# gpg --keyserver --recv-keys 4F2A6FD2
gpg: key 4F2A6FD2: "Fedora Project <>" not changed
gpg: Total number processed: 1
gpg:              unchanged: 1


followed by


[root@localhost root]# gpg --verify /home/anyweb/MD5SUM
gpg: Signature made Thu 13 May 2004 09:25:04 PM CEST using DSA key ID 4F2A6FD2
gpg: Good signature from "Fedora Project <>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: CAB4 4B99 6F27 744E 8612  7CDF B442 69D0 4F2A 6FD2


and from fedora's own website





they state

Quote:The Fedora Project public key is available from a number of places: 

    * From our website

    * In a Fedora Core distribution, in the file /usr/share/rhn/RPM-GPG-KEY-fedora

    * On a public keyserver, such as


The fingerprint of the key is:


CAB4 4B99 6F27 744E 8612  7CDF B442 69D0 4F2A 6FD2

so you can see that the key fingerprint matches even though there is a warning !






I downloaded md5sum.exe and ran it in DOS as:


md5sum FC4-i386-disc1.iso and it gave me:


00f145389547055096c78ca2fb90d1a2 *FC4-i386-disc1.iso


I went to Fedora's site ( and opened up the "SHA1SUM" file and it said:


3fb2924c8fb8098dbc8260f69824e9c437d28c68 FC4-i386-disc1.iso


Does that mean that the md5sum failed and I have to download the iso again? Or am I just not doing the md5sum properly?




fedora core release 4 uses sha1sum and not md5sum


you need to download a different utility for fcr4






Thanks for the info about sha1sum.exe. I downloaded and ran the sha1sum against the FC4 disc1 .iso and it came up with the correct: 3fb2924c8fb8098dbc8260f69824e9c437d28c68 value.


Does that mean that the file I downloaded was in fact a complete and safe copy? If so, what else could be the problem with the GUI linux install spitting out my CD?



it just means the downloaded iso is correct


did you merely burn that iso to the cd, or burn the cd FROM The iso,


in addition, once burned, if it fails during the install then burn another copy at a slower speed


you'll get there eventually :)




Thanks for the reply. I'll try to burn at a slower speed, but not sure what you mean about burning the cd from the iso.. I downloaded the .iso opened it up with "UltraISO" and burned from that program. Is Mandrake or Red Hat easier?