From 9704c8917e0b39ad957f90fc44e2f0f854207b05 Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Wed, 31 May 2023 14:47:34 -0400 Subject: [PATCH] 2.4.2 --- VERIFY_ISO.md | 53 +++++++++++++++++++++++++++++++++++++++++++++++++- sigs | Bin 0 -> 566 bytes 2 files changed, 52 insertions(+), 1 deletion(-) create mode 100644 sigs diff --git a/VERIFY_ISO.md b/VERIFY_ISO.md index 53a229349..79f245bab 100644 --- a/VERIFY_ISO.md +++ b/VERIFY_ISO.md @@ -1 +1,52 @@ -### An ISO will be available starting in RC1. +### 2.4.2-20230531 ISO image built on 2023/05/31 + + + +### Download and Verify + +2.4.2-20230531 ISO image: +https://download.securityonion.net/file/securityonion/securityonion-2.4.2-20230531.iso + +MD5: 3BA7D8EF63C6AB7F429363A1A4163BD7 +SHA1: FEA75AA5B0D30B6F8DB1A005F2E9F9EC88D5031A +SHA256: 5614AA6A6087EBEEA9376D42BEFF61BABE98BEECD74C69213645C6640B5841EB + +Signature for ISO image: +https://github.com/Security-Onion-Solutions/securityonion/raw/2.4/main/sigs/securityonion-2.4.2-20230531.iso.sig + +Signing key: +https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/2.4/main/KEYS + +For example, here are the steps you can use on most Linux distributions to download and verify our Security Onion ISO image. + +Download and import the signing key: +``` +wget https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/2.4/main/KEYS -O - | gpg --import - +``` + +Download the signature file for the ISO: +``` +wget https://github.com/Security-Onion-Solutions/securityonion/raw/2.4/main/sigs/securityonion-2.4.2-20230531.iso.sig +``` + +Download the ISO image: +``` +wget https://download.securityonion.net/file/securityonion/securityonion-2.4.2-20230531.iso +``` + +Verify the downloaded ISO image using the signature file: +``` +gpg --verify securityonion-2.4.2-20230531.iso.sig securityonion-2.4.2-20230531.iso +``` + +The output should show "Good signature" and the Primary key fingerprint should match what's shown below: +``` +gpg: Signature made Wed 31 May 2023 02:17:07 PM EDT using RSA key ID FE507013 +gpg: Good signature from "Security Onion Solutions, LLC " +gpg: WARNING: This key is not certified with a trusted signature! +gpg: There is no indication that the signature belongs to the owner. +Primary key fingerprint: C804 A93D 36BE 0C73 3EA1 9644 7C10 60B7 FE50 7013 +``` + +Once you've verified the ISO image, you're ready to proceed to our Installation guide: +https://docs.securityonion.net/en/2.4/installation.html \ No newline at end of file diff --git a/sigs b/sigs new file mode 100644 index 0000000000000000000000000000000000000000..63d71007ee6deed0ef94388beda7f3fe177c5cc1 GIT binary patch literal 566 zcmV-60?GY}0y6{v0SEvc79j-41gSkXz6^6dp_W8^5Ma0dP;e6k0%UiOBLE5s5PT3| zxBgIY6D>Iq0ENVSEH)y+!)QLdvk)+%3HJrV>(a9P{46Z`>+!3fhxMA{Z*FSa-z)0% zf~30VVAC_C)? zmoYARZ^#TfwI?K~#&i{c!BK*Ef@(igR4hj)NYkF}jnWFmW&JphG#tig0YcS}D4 ztGJ->Sqq0ANpv$?qTr(ok0SpUW3?!Ezw*?@nFQfHg9(l=@l^$h@<$ZvR+oO-Z0p1w zlG#e;)*#vPS?~5geE+%R4Jm#arakoBd0nWT>Y@iBVv&7B7(c5>e4Mx_&}ibm(Z|E4 zbo|69ed+R#nN(9i8i!dV(ixKpqpVcbHy}m#ta!K7`oe9j+D)9!PsMhIuW?@vUIY~Stt~u{EU9}f41};v-Y9vk+)9z)j6i4X=l`MF z)5!Mtg(*}WnUVkUV*3Wt8B%X}oi^EVh=Q)e6wYuN2yrC|ZZ3AN{?2T}wrO+dA1Zed zC?-q^9*sssZ9wOxtE-xK-XbdX+g8;&?D!aZHKtH5XuB<)y5_M4@aJ#Xj1!