How do I verify an AMPS release?

AMPS releases are signed by the key with fingerprint A49E 053A 4C60 9FF5 30EA 0C60 2899 3A8D 8D40 BD7F

To validate an AMPS release use the following steps:

  1. Download the verification key from the AMPS releases page.

  2. Use gpg to import the key.

    gpg --import 60east-release-verification-key.asc

  1. Download the AMPS release, the signature file and the MD5 checksum file from the releases page.

  2. Use md5sum to validate the integrity of the release by running md5sum AMPS-<version>-Release-Linux.tar.gz and comparing it with the MD5 hash in the downloaded .released file.

  3. Use gpg to verify the release package.

    gpg --verify AMPS-<version>-Release-Linux.tar.gz.asc AMPS-<version>-Release-Linux.tar.gz

Last updated