I want to install Ubuntu, and I'm switching from Windows 10.
I've heard that some people will check the integrity of the ISO image. Should I do this and if so, why?
I want to install Ubuntu, and I'm switching from Windows 10.
I've heard that some people will check the integrity of the ISO image. Should I do this and if so, why?
Media Checks
As KGIII said - modern releases (20.04 and later) automatically scan. I for sure let that scan occur (on the first boot of the day; I tend to skip it if rebooted in the same box on the same day).
If you don't want to check beforehand, you can switch to a terminal (post-install) and always do a
dmesg |grep squashfs
and look for errors. A standard install should find only the copyright messages when dmesg
is scanned; if any other lines appear with squashfs I'd read them as the install is likely not trustworthy.
ISO image Validation
As for ISO image validation pre-write, or How to verify your Ubuntu download, I download using zsync
and it checks the integrity of the ISO image at the conclusion of download; I tend to trust that, and just do the self-scan on boot.
If using an older release (pre-20.04), I'll always also do a manual CD integrity check, primarily as the write to USB-media I've found the most troublesome (I have 10+ failures per year, even if that's a smallish percentage of writes; it's still significant).
If I download via a torrent, I tend to do a quick sha256sum
check against the checksum file I downloaded using wget
on a different device. I tend to perform this check on ISO image files downloaded previously anyway.
Why do it?
The checks take seconds to maybe a minute. If you have a single bit wrong, the debugging the installation or corrupted data could take hours if you're lucky, but more likely days-weeks-months.
There are generally at least one bug report filed per day (on launchpad; I monitor via #ubuntu-bugs-announce), reported by users who've been having problems with they consider a bug that would have been prevented by these checks. The bug reports are just marked INVALID and given a quick paste with a couple of lines from their dmesg
output). So I see on a very regular basis users wasting hours trying to repeat processes that will never work (often over days), because they skipped these checks and thus are starting with corrupted media where problems should be expected.
I see it as a very cheap insurance.