62 lines
2.7 KiB
Markdown
62 lines
2.7 KiB
Markdown
# Download spmenu
|
|
|
|
The latest release of spmenu can be had from my [releases](https://ls.speedie.site/?b=releases%2Fspmenu)
|
|
page. Select the latest version (which is at the bottom). You can also get the
|
|
latest release [here](https://git.speedie.site/speedie/spmenu/releases/latest)
|
|
if you prefer.
|
|
|
|
You can also get spmenu
|
|
|
|
I provide the following with each release. Older releases may be missing some
|
|
of these:
|
|
|
|
- Source code tarball (spmenu-VERSION.tar.gz)
|
|
- Source code tarball PGP signature (spmenu-VERSION.tar.gz.sig)
|
|
- Source code tarball MD5 hash (spmenu-VERSION.tar.gz.md5)
|
|
- Source code tarball SHA256 hash (spmenu-VERSION.tar.gz.sha256)
|
|
- Arch Linux PKGBUILD (spmenu-VERSION.PKGBUILD)
|
|
- Arch Linux prebuilt package (spmenu-VERSION-1-x86_64.pkg.tar.zst)
|
|
- Arch Linux prebuilt package PGP signature (spmenu-VERSION-1-x86_64.pkg.tar.zst.sig)
|
|
- Arch Linux prebuilt package MD5 hash (spmenu-VERSION-1-x86_64.pkg.tar.zst.md5)
|
|
- Arch Linux prebuilt package SHA256 hash (spmenu-VERSION-1-x86_64.pkg.tar.zst.sha256)
|
|
- Gentoo Linux ebuild (spmenu-VERSION.ebuild)
|
|
- Gentoo Linux ebuild PGP signature (spmenu-VERSION.ebuild.sig)
|
|
- Gentoo Linux ebuild MD5 hash (spmenu-VERSION.ebuild.md5)
|
|
- Gentoo Linux ebuild SHA256 hash (spmenu-VERSION.ebuild.sha256)
|
|
|
|
See [[Installing spmenu]] for instructions on installing spmenu.
|
|
|
|
## Verifying using PGP
|
|
|
|
To verify a file using PGP, you need to make sure you have GPG installed. Then
|
|
you can import my public key into your keyring. Do this using: `gpg --recv-keys CEB863B830D1318A`.
|
|
If you don't want to use a keyserver, you can get my key [here](https://ls.speedie.site/pubkey.asc).
|
|
|
|
Now you can verify it using: `gpg --verify FILE.sig FILE`. For example, to
|
|
verify `spmenu-3.0.2.tar.gz`, run the following: `gpg --verify spmenu-3.0.2
|
|
.tar.gz.sig spmenu-3.0.2.tar.gz`. The output should be something like the
|
|
following:
|
|
|
|
```Shell
|
|
gpg: Signature made Wed 19 Jul 2023 03:50:52 AM CEST
|
|
gpg: using RSA key AE46FBEA635C56F2B212D036CEB863B830D1318A
|
|
gpg: Good signature from "speedie (key) <speedie.alt@gmail.com>" [ultimate]
|
|
```
|
|
|
|
If you do not get a good signature, you should **not** install spmenu using the
|
|
tarball/package, you should consider it compromised.
|
|
|
|
## Verifying using SHA256
|
|
|
|
To verify the SHA256 hash, run `sha256sum FILE` where `FILE` is the file you want
|
|
to check. You should end up with a 64 character (256 bit) string of characters.
|
|
Make sure this string is **identical** to the contents of `FILE.sha256`.
|
|
|
|
## Verifying using MD5
|
|
|
|
NOTE: It is recommended that you verify using PGP and/or SHA256 instead.
|
|
|
|
To verify the MD5 hash, run `md5sum FILE` where `FILE` is the file you want
|
|
to check. You should end up with a 32 character (128 bit) string of characters.
|
|
Make sure this string is **identical** to the contents of `FILE.md5`.
|