[GH-ISSUE #31] Checksum images #1557

New issue

Closed

opened 2026-03-01 18:34:23 +03:00 by kerem · 8 comments

kerem commented 2026-03-01 18:34:23 +03:00

Owner

Copy link

Originally created by @avindra on GitHub (Jan 14, 2016).
Original GitHub issue: https://github.com/netbootxyz/netboot.xyz/issues/31

Would it be possible to do a checksum (preferably SHA256) of all the images after they are downloaded?

Originally created by @avindra on GitHub (Jan 14, 2016). Original GitHub issue: https://github.com/netbootxyz/netboot.xyz/issues/31 Would it be possible to do a checksum (preferably SHA256) of all the images after they are downloaded?

kerem 2026-03-01 18:34:23 +03:00

• closed this issue
• added the
  enhancement
  label

kerem commented 2026-03-01 18:34:24 +03:00

Author

Owner

Copy link

@antonym commented on GitHub (Jan 14, 2016):

There's a provision in iPXE for signing images and then verifying their signatures:

http://ipxe.org/cmd/imgverify
http://ipxe.org/crypto

At some point I'll look into the feasibility of doing so, at the very least on some of the lesser known mirrors/images.

<!-- gh-comment-id:171499654 --> @antonym commented on GitHub (Jan 14, 2016): There's a provision in iPXE for signing images and then verifying their signatures: http://ipxe.org/cmd/imgverify http://ipxe.org/crypto At some point I'll look into the feasibility of doing so, at the very least on some of the lesser known mirrors/images.

kerem commented 2026-03-01 18:34:24 +03:00

Author

Owner

Copy link

@dbohdan commented on GitHub (Jan 18, 2016):

@antonym This would be excellent.

If you do implement signature checking consider doing it for all images and mirrors. The most-downloaded images may be hosted on servers that are better maintained but they also represent the most desirable target for attackers.

<!-- gh-comment-id:172527455 --> @dbohdan commented on GitHub (Jan 18, 2016): @antonym This would be excellent. If you do implement signature checking consider doing it for all images and mirrors. The most-downloaded images may be hosted on servers that are better maintained but they also represent the most desirable target for attackers.

kerem commented 2026-03-01 18:34:24 +03:00

Author

Owner

Copy link

@avindra commented on GitHub (Jan 20, 2016):

The most-downloaded images ... represent the most desirable target for attackers.

Agree. We should be cognizant of this when making modern infrastructure tooling.

<!-- gh-comment-id:173221408 --> @avindra commented on GitHub (Jan 20, 2016): > The most-downloaded images ... represent the most desirable target for attackers. Agree. We should be cognizant of this when making modern infrastructure tooling.

kerem commented 2026-03-01 18:34:24 +03:00

Author

Owner

Copy link

@antonym commented on GitHub (Feb 4, 2016):

The groundwork is now laid out for checking all images being downloaded. I'm currently generating signatures of the netboot.xyz sources during deployment and then verifying as each menu item is loaded. The next step will be to verify the signatures of the remotely downloaded images which I'll probably have time for in the next week or two.

<!-- gh-comment-id:179846654 --> @antonym commented on GitHub (Feb 4, 2016): The groundwork is now laid out for checking all images being downloaded. I'm currently generating signatures of the netboot.xyz sources during deployment and then verifying as each menu item is loaded. The next step will be to verify the signatures of the remotely downloaded images which I'll probably have time for in the next week or two.

kerem commented 2026-03-01 18:34:24 +03:00

Author

Owner

Copy link

@mirabilos commented on GitHub (Apr 25, 2016):

Is there any way to delegate sigining for particular images to the project responsible for them? The imgverify command has a --signer option; this would allow you to use your own main signature key for netboot.xyz itself and those images signed by you, and allow me to re-sign the MirBSD images every time I upload an updated snapshot (it’s a -current image, i.e. updated occasionally, as we’re not doing formal releases at the moment).

<!-- gh-comment-id:214284456 --> @mirabilos commented on GitHub (Apr 25, 2016): Is there any way to delegate sigining for particular images to the project responsible for them? The `imgverify` command has a `--signer` option; this would allow you to use your own main signature key for netboot.xyz itself and those images signed by you, and allow me to re-sign the MirBSD images every time I upload an updated snapshot (it’s a -current image, i.e. updated occasionally, as we’re not doing formal releases at the moment).

kerem commented 2026-03-01 18:34:24 +03:00

Author

Owner

Copy link

@antonym commented on GitHub (Apr 26, 2016):

Right now I'm retrieving the binaries remotely at a point in time and signing them. It's super rough and I haven't had a ton of time to work on it recently. I still need to have it only resign when needed instead of every time I run the job. The rolling releases make it more difficult because then they can potentially break and there's not really a good way to alert me about that yet other than setting up a periodic check.

My signature retrieval scripts and generators are here:

https://github.com/antonym/netboot.xyz-sigs/blob/master/generate-bsd-sigs.sh

<!-- gh-comment-id:214871684 --> @antonym commented on GitHub (Apr 26, 2016): Right now I'm retrieving the binaries remotely at a point in time and signing them. It's super rough and I haven't had a ton of time to work on it recently. I still need to have it only resign when needed instead of every time I run the job. The rolling releases make it more difficult because then they can potentially break and there's not really a good way to alert me about that yet other than setting up a periodic check. My signature retrieval scripts and generators are here: https://github.com/antonym/netboot.xyz-sigs/blob/master/generate-bsd-sigs.sh

kerem commented 2026-03-01 18:34:24 +03:00

Author

Owner

Copy link

@mirabilos commented on GitHub (Apr 26, 2016):

Antony Messerli dixit:

Right now I'm retrieving the binaries remotely at a point in time and
signing them.

Hmm. In this case, please do not do that for MirBSD, as it’ll
break when we publish newly generated images, which are done
“occasionally”.

It's super rough and I haven't had a ton of time to work on it
recently. I still need to have it only resign when needed instead of
every time I run the job. The rolling releases make it more difficult

Sure, I understand it’s all on spare time, same here ☺

bye,
//mirabilos

<!-- gh-comment-id:214910372 --> @mirabilos commented on GitHub (Apr 26, 2016): Antony Messerli dixit: > Right now I'm retrieving the binaries remotely at a point in time and > signing them. Hmm. In this case, please do _not_ do that for MirBSD, as it’ll break when we publish newly generated images, which are done “occasionally”. > It's super rough and I haven't had a ton of time to work on it > recently. I still need to have it only resign when needed instead of > every time I run the job. The rolling releases make it more difficult Sure, I understand it’s all on spare time, same here ☺ bye, //mirabilos

kerem commented 2026-03-01 18:34:25 +03:00

Author

Owner

Copy link

@antonym commented on GitHub (Nov 13, 2018):

Cleaning up, this was implemented a while ago for quite a few of the OS distros and additional checks will be added as needed.

<!-- gh-comment-id:438137685 --> @antonym commented on GitHub (Nov 13, 2018): Cleaning up, this was implemented a while ago for quite a few of the OS distros and additional checks will be added as needed.

kerem referenced this issue 2026-03-01 18:42:21 +03:00

[PR #1557] [MERGED] Release 2.0.84 #3004

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

development

copilot/add-doc-for-issue-1780

add-ubuntu-26.04

renovate/ansible-13.x

master

RC

changelog/3.0.1

feat/enable-rolling-builds

feat/secureboot-shim-devuan-kali

feature/secureboot-release-artifacts

copilot/sub-pr-1738

claude/issue-1703-20251117-0231

claude/issue-1703-20251117-0226

claude/issue-1703-20251117-0220

copilot/add-regex-manager-for-workflow-files

copilot/update-install-dependencies-step

copilot/fix-6503c0f7-4459-4828-8fe9-0b7f297ed932

claude/issue-1672-20250912-0331

testing

kairos_support

test

antonym/add-mac-pass

3.0.1

3.0.1-RC

3.0.0

3.0.0-RC

2.0.89

2.0.89-RC

2.0.88-RC

2.0.88

2.0.87-RC

2.0.87

2.0.86

2.0.86-RC

2.0.85

2.0.85-RC

2.0.84

2.0.84-RC

2.0.83

2.0.83-RC

2.0.82-RC

2.0.82

2.0.81-RC

2.0.81

2.0.80

2.0.80-RC

2.0.79

2.0.79-RC

2.0.78

2.0.78-RC

2.0.77-RC

2.0.77

2.0.76

2.0.76-RC

2.0.75

2.0.75-RC

2.0.74

2.0.74-RC

2.0.73

2.0.73-RC

2.0.72

2.0.72-RC

2.0.71

2.0.71-RC

2.0.70

2.0.70-RC

2.0.69

2.0.69-RC

2.0.68

2.0.68-RC

2.0.67

2.0.67-RC

2.0.66

2.0.66-RC

2.0.65

2.0.65-RC

2.0.64

2.0.64-RC

2.0.63

2.0.63-RC

2.0.62

2.0.62-RC

2.0.61

2.0.61-RC

2.0.60

2.0.60-RC

2.0.59

2.0.59-RC

2.0.58

2.0.58-RC

2.0.57

2.0.57-RC

2.0.56

2.0.56-RC

2.0.55

2.0.55-RC

2.0.54

2.0.54-RC

2.0.53

2.0.53-RC

2.0.52

2.0.52-RC

2.0.51

2.0.51-RC

2.0.50

2.0.50-RC

2.0.49

2.0.49-RC

2.0.48

2.0.48-RC

2.0.47

2.0.47-RC

2.0.46

2.0.46-RC

2.0.45

2.0.45-RC

2.0.44

2.0.44-RC

2.0.43

2.0.43-RC

2.0.42

2.0.42-RC

2.0.41

2.0.41-RC

2.0.40

2.0.40-RC

2.0.39

2.0.39-RC

2.0.38

2.0.38-RC

2.0.37

2.0.37-RC

2.0.36

2.0.36-RC

2.0.35

2.0.35-RC

2.0.34

2.0.34-RC

2.0.33

2.0.33-RC

2.0.32

2.0.32-RC

2.0.31

2.0.31-RC

2.0.30

2.0.30-RC

2.0.29

2.0.29-RC

2.0.28

2.0.28-RC

2.0.27

2.0.27-RC

2.0.26

2.0.26-RC

2.0.25

2.0.25-RC5LI

2.0.25-RC

2.0.24

2.0.24-RC

2.0.23

2.0.23-RC

2.0.22

2.0.22-RC

2.0.21

2.0.21-RC

2.0.20

2.0.20-RC

2.0.19

2.0.19-RC

2.0.18

2.0.18-RC

2.0.17

2.0.17-RC

2.0.16

2.0.16-RC

2.0.15

2.0.15-RC

2.0.14

2.0.14-RCZQD

2.0.14-RC

2.0.13

2.0.13-RC17N

2.0.13-RC

2.0.12

2.0.12-RC

2.0.11

2.0.10

2.0.10-RC

2.0.9

2.0.9-RC2N0

2.0.9-RC

2.0.8

2.0.8-RC

2.0.7

2.0.7-RC

2.0.6

2.0.6-R1-RC

2.0.6-RC

2.0.5

2.0.5-RC

2.0.4

2.0.4-RC

2.0.3

2.0.3-RC

2.0.2

2.0.2-RC

2.0.1

2.0.1-RC

2.0.0

2.0.0-RC

1.9.91-RC

1.9.9

1.9.9-RC

1.9.8-RC

1.0.0

1.9.7-RC

Labels

Clear labels   

Hacktoberfest

  

Hacktoberfest

  

bootloader

  

bsd

  

bug

  

confirmed

  

documentation

  

duplicate

  

enhancement

  

enhancement

  

enhancement

  

eol

  

experimental-merged

  

freebsd

  

help wanted

  

invalid

  

investigate

  

ipxe

  

linux

  

live-os

  

memdisk

  

menu

  

no-issue-activity

  

no-issue-activity

  

pull-request

Mirrored from GitHub Pull Request

  

released

  

todo

  

upstream

  

windows

  

windows

  

work-in-progress

No labels

Hacktoberfest

Hacktoberfest

bootloader

bsd

bug

confirmed

documentation

duplicate

enhancement

enhancement

enhancement

eol

experimental-merged

freebsd

help wanted

invalid

investigate

ipxe

linux

live-os

memdisk

menu

no-issue-activity

no-issue-activity

pull-request

released

todo

upstream

windows

windows

work-in-progress

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/netboot.xyz#1557

No description provided.