I am a totally new CoreELEC user. I have just downloaded the image for my device, however I can not find checksum and signature files to verify its integrity. My internet connection is pretty unstable, so I really need to do it.
I need these files for CoreELEC-Amlogic-ng.arm-19.5-Matrix-Odroid_N2.img.gz
The checksums for the update are inside the build. System and kernel images are checked.
I guess you want to check the integrity before flashing?
Or for security purposes? Checksums alone are only useful to check if there was data corruption (which is checked internally in the update process).
If you want to make sure a certain downloaded file really came from CE we would have to sign it with GPG.
Thanks, but it is not necessary anymore. I have already downloaded an image several times and then compared checksums of each download. Everything is ok.
Yes, I used to want checking the integrity before flashing, just to be sure in case of problems what went wrong: download or flashing.
GPG signatures would be nice for the future, but I it is just a home entertainment system, not a security focused solution for servers and most of users probably would not verify these images, so I understand if you do not want to publish them.