Preparing for a Leap 42.1 install
Opensuse Leap 42.1 should be available on Wednesday Nov. 4th. So here are a few notes that some readers might find useful.
Verifying the download
In the past, the download page has had MD5 checksums, SHA1 checksums, and a PGP signature.
With Leap, as with recent Tumbleweed isos, it will be a little different. There will be a file with name ending in “.sha256”. I’m not sure of the actual name, until the download page shows up. It will be the name of the “iso” file, with “.sha256” appended.
This file will contain the sha256 checksum. The file itself will be signed with a gpg (or PGP) key.
To verify the download, use:
gpg --verify filename.sha256 sha256sum -c filename.sha256
If you are not familiar with using “gpg” then skip the first of those commands.
The first of those commands verifies that you have the correct “sha256” file, as signed with an opensuse key. The second verifies that the iso you downloaded matches the checksum. The second command will produce some extraneous output, something like “7 lines badly formatted”. The “sha256” command is complaining that the PGP signature does not look like a sha256 checksum. You can ignore that complaint. Look for the line which says that the downloaded iso file is Okay.
I’ll note that some users might be verifying the download on other systems such as Windows, and may not be able to check sha256 checksums. When the isos are available for me to download (on Wednesday), I will compute the MD5 and SHA1 sums, and put them in a comment to this post.
It looks as if the install isos will be using a bad “shim.efi” (see bug 950569). This works fine on my Lenovo Thinkserver, but hangs on my Dell Inspiron. If you run into this problem, then disable secure-boot in your BIOS. The defective “shim.efi” should boot correctly when secure-boot is disabled. I’m expecting this bug to be fixed real soon now, but it will be too late for the install iso.
If you want to be able to use secure-boot after install, then save a copy of the “shim.efi” from opensuse 13.2, and copy that to “/boot/efi/EFI/opensuse” to replace the shim provided by the installer.
It turns out that download page does include MD5 and SHA1 checksums. However, as indicated above, there is no PGP signature. For that, download the file “openSUSE-Leap-42.1-DVD-x86_64.iso.sha256” and use
Look for the output line that says “openSUSE-Leap-42.1-DVD-x86_64.iso: OK” and ignore the line “sha256sum: WARNING: 15 lines are improperly formatted”.
The files “openSUSE-Leap-42.1-DVD-x86_64.iso.md5” and “openSUSE-Leap-42.1-DVD-x86_64.iso.sha1” do exist on the download site, but those are not PGP signed.
For completeness, here are the checksums for DVD and NET installer isos.
and SHA256 checksums: