Fedora

Verify your ISO download.

Windows user? Follow these instructions instead.

Once you have downloaded an ISO, verify it for security and integrity. If you downloaded your ISO via BitTorrent, the file has already been verified as part of the download process (just make sure that you got the torrent from torrent.fedoraproject.org). Otherwise, to verify your ISO, start by downloading the proper CHECKSUM file into the same directory as the ISO:

Install DVD / Rescue CD

• i386
• x86_64
• ppc

Live Media

• i386
• x86_64
• i386 (KDE)
• x86_64 (KDE)

Next, import Fedora's GPG key(s):

$ curl https://fedoraproject.org/static/fedora.gpg | gpg --import

You can verify the details of the GPG key(s) here.

Now, verify that the CHECKSUM file is valid:

$ gpg --verify *-CHECKSUM

The CHECKSUM file should have a good signature from one of the following keys:

• D22E77F2 - Fedora 11
• 4EBFC273 - Fedora 10
• 0B86274E - Fedora 10 pre-releases
• 4F2A6FD2 - Fedora 9 and earlier
• 30C9ECF8 - Fedora 9 and earlier pre-releases

Finally, now that the CHECKSUM file has been verified, check that the ISO's checksum matches:

$ sha256sum -c *-CHECKSUM

If the output states that the file is valid, you're good to go!

Copyright © 2009 Red Hat, Inc. and others. All Rights Reserved. For comments or queries, please contact us.

The Fedora Project is maintained and driven by the community and sponsored by Red Hat. This is a community maintained site. Red Hat is not responsible for content.

• Sponsors
• Legal
• Trademark Guidelines