You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
ISO images created by KIWI contain an embedded md5 or sha256 checksum (that can be used to verify images with the checkmedia tool). That checksum is added by running tagmedia.
In addition to that it is possible to embed a signature over these checksums, so the user can verify their authenticity. This is done for all the 'regular' SUSE installation media, for example.
For this, you have to prepare the ISO a bit and OBS/IBS will automatically sign them with the project key.
What you need to do is to add a single 2k block to the ISO file system (anywhere) starting with the magic id 7984fc91-a43f-4e45-bf27-6d3aa08b24cf. That's all.
For the Agama Live ISO I added a .signature file manually to the root of the ISO tree (file name does not matter).
But I think it would be useful if KIWI supports this directly.
Problem description
ISO images created by KIWI contain an embedded md5 or sha256 checksum (that can be used to verify images with the
checkmedia
tool). That checksum is added by runningtagmedia
.In addition to that it is possible to embed a signature over these checksums, so the user can verify their authenticity. This is done for all the 'regular' SUSE installation media, for example.
For this, you have to prepare the ISO a bit and OBS/IBS will automatically sign them with the project key.
What you need to do is to add a single 2k block to the ISO file system (anywhere) starting with the magic id
7984fc91-a43f-4e45-bf27-6d3aa08b24cf
. That's all.For the Agama Live ISO I added a
.signature
file manually to the root of the ISO tree (file name does not matter).But I think it would be useful if KIWI supports this directly.
What do you think?
Technical documentation
The text was updated successfully, but these errors were encountered: