MISP
/
misp-packer
mirror of https://github.com/MISP/misp-packer
2
0
Fork 0
Code Issues Releases Wiki Activity
misp-packer/verify.txt

57 lines
1.4 KiB
Plaintext
Raw Normal View History

new: [doc] Added a verify.txt to explain how to verify new: [deploy] Addded symlinks to have an easier latest for actual files.
2019-05-15 11:03:10 +02:00
How to verify the Automate MISP-VMs?
------------------------------------
In this directory you will find the following files:
- OVA File (VirtualBox export of the VM)
- ZIP File (ZIP Packae of the VMware VM)
- ASC File (PGP Armored file of the above files)
- checksums Directory (The directory with all the checksums of the above files)
Verify VirtualBox OVA
---------------------
1. Download signatures
Download the OVA and the ASC into the same directory.
2. Verify signatures
On the command line verify the PGP signature first, example:
$ gpg --verify MISP_v2.4.107@latest.ova.asc MISP_v2.4.107@latest.ova
TODO: Include output.
3. Download SFV files
Now download the checksum file and its signature, and verify.
$ wget https://www.circl.lu/misp-images/MISP_v2.4.107@latest-CHECKSUM.sfv
$ wget https://www.circl.lu/misp-images/MISP_v2.4.107@latest-CHECKSUM.sfv.asc
$ gpg --verify /MISP_v2.4.107@latest-CHECKSUM.sfv.asc MISP_v2.4.107@latest-CHECKSUM.sfv
Next, use rhash or go with the manual way.
rhash
-----
$ rhash -c MISP_v2.4.107@latest-CHECKSUM.sfv
Verify VMware
-------------
1. Download signatures
Download the ZIP and the ASC into the same directory.
2. Verify signatures
On the command line verify the PGP signature first, example:
$ gpg --verify MISP_v2.4.107@latest-VMware.zip.asc MISP_v2.4.107@latest-VMware.zip
TODO: Include output.
Do steps number 3 from above.