User:Davidbryant

From Gentoo Wiki
Jump to: navigation, search
Davidbryant
Name David Bryant
Nickname davidbryant
Email davidbryant@gvtc.com
PGP fingerprint
1CA541F09652E6CE992F7E1AFD9790BC4C87B7C0



Gentoo user since 2020/06/01

Hi! My name is David Bryant. I was born in Alaska, attended college in Pasadena, California (Caltech), and worked as an actuary and as an assembly language programmer (IBM S/360 & S/370) for many years, mostly in Denver, Colorado. I'm now retired and living in Canyon Lake, Texas.

I've been using Linux since 2003, mostly openSUSE until recently. A friend of mine, Jack Ostroff, is an avid fan of Gentoo Linux, so about four weeks ago I downloaded the .iso image and started building a Gentoo system. After a couple of false starts I succeeded in getting it working moderately well. I signed up for this wiki because there are a few things in the AMD64 handbook that were not real clear during the installation process: I intend to make a few suggestions about clarifying some ambiguities.

If you'd like to learn more about me, please feel free to visit my personal web site at https://davidcbryant.net. Or drop me a line on my talk page.

--Davidbryant (talk) 15:00, 29 June 2020 (UTC)

Developing Windows help for the "Handbook"

I've been involved in a long discussion of the "Handbook:AMD64" wiki pages. I'm cooking up some replacement verbiage for section 3.2.1 of "Choosing the right installation medium". I'll construct it here, on my own page, before suggesting it on a talk page. --Davidbryant (talk) 14:19, 20 July 2020 (UTC)

Microsoft Windows based verification

Microsoft Windows has provided hash function support (DOS command certutil) since the introduction of Windows 7 in 2009. Windows does not support GPG cryptography. Cryptographic software (gpg4win) must be installed to verify the Gentoo Engineering Team's signature on the DIGESTS.asc file that contains hash sums for validating the .iso installation file. (This step is optional.)

To verify the hash sums cryptographically, download and install the GPG4Win program. This is easy -- download the self-extracting archive from the GPG4Win web site, then run the downloaded .exe file. This will add a program named kleopatra to the Windows start menu.

Next, download a copy of the Gentoo Engineering Team's signing key by pointing a web browser to https://gentoo.org/.well-known/openpg/hu/wtktzo4gyuhzu8a4z5fdj3fgmr1u6tob?l=releng, and saving the "octet-stream" file to your hard disk somewhere. Use any desired filename, but be sure to specify the .asc filename extension. Then, add the downloaded Gentoo keys to your key ring using kleopatra. Fire up kleopatra from the Windows start menu. Choose "Import" from kleopatra's "File" menu, then select the downloaded octet-stream file.

The cryptographic signature on the DIGESTS.asc file downloaded in the preceding step can now be verified. Select "Decrypt/Verify" from kleopatra's "File" menu, then open the DIGESTS.asc file downloaded previously. Click "Show Audit Log", and compare the fingerprint in the audit log to the fingerprint for Gentoo Engineering shown on the signatures page. They should match.

Even if the optional cryptographic validation step is omitted, the SHA512 checksum total for the Gentoo .iso file should be verified before burning a bootable CD-ROM or etching a USB stick. This can be done with the certutil program, which is, most likely, already installed in your copy of Windows. Start up a 32-bit DOS prompt (either Windows System --> Command Prompt, or Windows PowerShell --> Windows PowerShell (x86), from the "Start" menu) and navigate to the folder where you downloaded the Gentoo .iso file. The following example assumes the file is in your "Downloads" folder.

PS Users\yourname\Downloads $dir *.iso
Directory: C:\Users\yourname\Downloads
Mode                LastWriteTime         Length Name
----                -------------         ------ ----
-a----        7/19/2020   2:09 PM      442499072 install-amd64-minimal-20200715T214503Z.iso

Once the .iso file has been located, tell Windows to compute a hash total (SHA512SUM) for that file.

PS Users\yourname\Downloads $certutil -hashfile install-amd64-minimal-20200715T214503Z.iso SHA512
SHA512 hash of install-amd64-minimal-20200715T214503Z.iso:
449dd80f59033f5f273db99b56523d1abd96a8ed7a7d478b5370f72c4c62c638eb1a1a1c180a58505b65db79255011b6e73a1def7828f370b8db012b11f34626
CertUtil: -hashfile command completed successfully.

Finally, open the DIGESTS.asc file with the Notepad editor. The SHA512 hash total shown there should match the hash total computed by certutil. If the totals do not match, either the Gentoo installation file or the DIGESTS.asc file -- or possibly both of them -- was/were not downloaded correctly.

New Stuff

"Those who like the user interface of fdisk can use gdisk (GPT fdisk) as an alternative to parted."

This is misleading, because Gentoo has replaced "gdisk" with "fdisk". The following is from my Gentoo installation.

user $fdisk /dev/sda -l
Disk /dev/sda: 931.53 GiB, 1000204886016 bytes, 1953525168 sectors
Disk model: ST1000DM010-2EP1
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 4096 bytes
I/O size (minimum/optimal): 4096 bytes / 4096 bytes
Disklabel type: gpt
Disk identifier: 51236531-6D95-4F3E-813E-971F4E1713D1

Device          Start        End   Sectors  Size Type
/dev/sda1        2048   16001023  15998976  7.6G Linux swap
/dev/sda2    16001024   17000447    999424  488M EFI System
/dev/sda3    17000448   81000447  64000000 30.5G Linux filesystem
...
user $gdisk /dev/sda -l
-su: gdisk: command not found

So gdisk no longer exists, and ought not be mentioned. How about this?

Those who prefer fdisk's user interface may use fdisk with either a GPT or an MBR partition scheme.

Note to myself: "Open Discussions" stand at 348 as of 9 August 2020.

347 -- 13 August.

Sandbox

Using this area for experimental purposes.

Testing some Templates.