Verifying Downloads from The Stygian Mirror

This mirror provides cryptographic verification for all distributed files.

Step 1: Download the Following

• mirror.sha256
• mirror.sig
• mirror.pubkey.asc

Step 2: Import the Public Key

gpg --import mirror.pubkey.asc

Step 3: Verify the Signature

gpg --verify mirror.sha256.asc mirror.sig

You should see a line like:

gpg: Good signature from "Stygian Mirror <mirror@failzero.net>"

Step 4: Verify the Files

sha256sum -c mirror.sha256

Each line should show OK. Any failures mean the file may be tampered with or corrupted.

Notes

• mirror.sha256.asc is a detached GPG signature of the checksum file.
• Key fingerprint is posted here: fingerprint.txt
• Need help? Contact the operator: @doctator@chatwithus.live

Stay safe out there.
– The Stygian Mirror

back