Weblogs

checking signed md5sums of software downloads

I never used that a lot, but in the course of my (small ) participation in the GRML Bug Squashing party, I realized that, yes, it's a good security feature to give people a signed md5 sum to check if a downloaded iso - or any other type of file, is really originating from a person who owns a key you trust, and this person asserted the file is built from him.

But, how many steps do you need, and which commands, to check that?

Here's a one-liner to do it, assuming you have the file with the name FILE , and the signed mdsum in a file name FILE.md5.asc:

echo iso name?; read iso; gpg --verify $iso.md5.asc; md5sum -c $iso.md5.asc

Grails with intelliJ IDEA on Ubuntu

So, I struggled for a while to get idea to create a grails project - when tryin to create my first project, I've been told I have no grails sdk configured yet, but could add a new one. But the "ok" button on the file selector for the grails SDK location kept being gray and could not be pressed when I was on /usr/share/grails - the location where the debian package of grails places the whole software into.

Twitter Learnings

Ah ja.

Nach einigen Wochen in diesem Twitterdings nun auch endlich mal rausgefunden, was diese Raute soll, die die Leute ab und zu in Ihren Posts schreiben....

Hashtags! siehe http://twitter.pbwiki.com/Hashtags und http://www.hashtags.org/ und http://twemes.com/

FAI Vortrag bei Newthinking

So durfte ich dann im Newthinking Store in Berlin vorgestern etwas zu FAI erzählen...

Trotz Halsschmerzen konnte ich halbwegs anständig reden - bin aber nicht, wie eigentlich geplant in Berlin geblieben, sondern nach einem kleinen Imbiss wieder nach Hause. Demnächst aber wieder in B, um im Büro2.0 nen FAI Server zu installieren. Freu ich mich drauf.

Vortragsfolien anbei!

Inhalt abgleichen