You are not logged in.
Pages: 1
is there a way to verify if your arch usb is not corrupted or anything when you're installing?
Offline
"UNIX is simple and coherent..." - Dennis Ritchie, "GNU's Not UNIX" - Richard Stallman
Offline
Are you asking how to verify the download or how to verify the data was written correctly to the USB?
CLI Paste | How To Ask Questions
Arch Linux | x86_64 | GPT | EFI boot | refind | stub loader | systemd | LVM2 on LUKS
Lenovo x270 | Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz | Intel Wireless 8265/8275 | US keyboard w/ Euro | 512G NVMe INTEL SSDPEKKF512G7L
Offline
# cmp archlinux-2022.11.01-x86_64.iso /dev/sdX
Offline
If you don't trust your `dd` command to read and write bytes, why would you trust `cmp` to read bytes twice and compare them?
"UNIX is simple and coherent..." - Dennis Ritchie, "GNU's Not UNIX" - Richard Stallman
Offline
The cmp command should detect any problems with the data that has been written to the USB stick. So if the USB stick is broken the command should expose that.
Offline
True, but dd would almost certainly fail to write it. The odds of there being a hardware error that allowed dd to "think" it wrote successfully that cmp would detect should be infintessimally small and I'm not sure it'd be much higher than a bad device "bit-rotting" in the time between running the cmp command and the boot attempt.
The question is what kind of "corruption" is one trying to prevent against and how likely are those possibilities. The most likely source of unintentional corruption of the data would be during the download. That potential is not trivial at all. And the checksum checks for this. As for deliberate manipulation, the checksum would also protect against MITM of the download and any nefarious hijacking of the mirror to put up a malicious iso ... so long as the valid checksum can is retrieved from a trusted source.
The question seems to be concerning the deliberate / malicious source of errors. A random error would not be of concern for whether the resulting installation created via that bootable iso would be safe. A random error might make the iso fail to boot, or for some utility to not function properly. But these would be obvious as the installation process would fail at some point (it may not be obvious what went wrong, but it'd be obvious that something had gone wrong). The installation process downloads all packages from the mirrors and does not use package data from the iso, so not random errors would be passed along.
If the concern is malicious manipulation of the iso, a cmp of the iso and the block device would not address this at all.
If the concern is "is my usb device malfunctioning" then the answer will come from attempted use. If the install completes, then the usb was good ... or at least good enough.
Last edited by Trilby (2022-11-27 14:53:06)
"UNIX is simple and coherent..." - Dennis Ritchie, "GNU's Not UNIX" - Richard Stallman
Offline
I have two poor man's installation where simple usb sticks playing the part a proper hard disk or ssd should have.
paccheck --list-broken
saved me hours to find the culprit, when some applications didn't work any more.
paccheck is part of pacutils.
Maybe this servers as an answer to the part "to verify ... when you're installing" of the initial post.
Offline
True, but dd would almost certainly fail to write it. The odds of there being a hardware error that allowed dd to "think" it wrote successfully that cmp would detect should be infintessimally small and I'm not sure it'd be much higher than a bad device "bit-rotting" in the time between running the cmp command and the boot attempt.
The question is what kind of "corruption" is one trying to prevent against and how likely are those possibilities. The most likely source of unintentional corruption of the data would be during the download. That potential is not trivial at all. And the checksum checks for this. As for deliberate manipulation, the checksum would also protect against MITM of the download and any nefarious hijacking of the mirror to put up a malicious iso ... so long as the valid checksum can is retrieved from a trusted source.
The question seems to be concerning the deliberate / malicious source of errors. A random error would not be of concern for whether the resulting installation created via that bootable iso would be safe. A random error might make the iso fail to boot, or for some utility to not function properly. But these would be obvious as the installation process would fail at some point (it may not be obvious what went wrong, but it'd be obvious that something had gone wrong). The installation process downloads all packages from the mirrors and does not use package data from the iso, so not random errors would be passed along.
If the concern is malicious manipulation of the iso, a cmp of the iso and the block device would not address this at all.
If the concern is "is my usb device malfunctioning" then the answer will come from attempted use. If the install completes, then the usb was good ... or at least good enough.
what would i have to do to check if there is no malicious manipulation on the usb?
Offline
what would i have to do to check if there is no malicious manipulation on the usb?
Verify the download image. Then you know you're writing a good image to the usb.
CLI Paste | How To Ask Questions
Arch Linux | x86_64 | GPT | EFI boot | refind | stub loader | systemd | LVM2 on LUKS
Lenovo x270 | Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz | Intel Wireless 8265/8275 | US keyboard w/ Euro | 512G NVMe INTEL SSDPEKKF512G7L
Offline
Pages: 1