1. Installing Oracle Linux
  2. Preparing to Install
  3. Verifying ISO Downloads

Verifying ISO Downloads

To verify an Oracle Linux ISO download, you need the following:

  • The checksum file corresponding to the downloaded ISO.

  • The public GPG key to verify the checksum file signature.

The following steps show you how you can verify an Oracle Linux ISO download:

  1. Download and import the public GPG key.

    For example, to download the GPG key for Oracle Linux 9, run the following command: 

    curl https://yum.oracle.com/RPM-GPG-KEY-oracle-ol9 | sudo gpg --import

  2. Download the appropriate checksum file to the directory containing the downloaded ISO.

    For example, to download the checksum for Oracle Linux 9 (x86_64 platform) you would run: 

    curl -O https://linux.oracle.com/security/gpg/checksum/OracleLinux-R9-U4-Server-x86_64.checksum

  3. Verify the integrity of the checksum file you have downloaded:

    sudo gpg --verify OracleLinux-R9-U4-Server-x86_64.checksum

  4. Use the sha256sum -c command to verify the checksum for downloaded ISO: 

    sudo grep OracleLinux-R9-U4-x86_64-dvd.iso OracleLinux-R9-U4-Server-x86_64.checksum | sudo sha256sum -c

For more information, and download links for other Oracle Linux release keys and checksum files, see https://linux.oracle.com/security/gpg/