The SHA256 checksums (hash values) and PGP-Signatures for the components will be delivered separately, to ensure the validity of the packages.
Prior to the installation, each component’s checksum has to be checked and verified (e.g. sha256sum for Linux Systems with bash shell) with the delivered checksums.
If any differences are encountered between a component’s checksum and the corresponding verification checksum, the package must not be installed.
|