4.3.0-rc1 image hash verification failed

rrn · September 9, 2025, 2:16pm

Hi,
I have used the official torrent to download the 4.3 rc-1 iso file just now.
It passes torrent’s built-in integrity verification. I have explicitly clicked “verify” again and it passed.

And the hashes are different from the advertised hash values.

sha1sum:
804ffcb18fb1137dbd2710faea486238ee981932 Qubes-R4.3.0-rc1-x86_64.iso

sha512:
b8dc23dd8a6be83a6e36e95c7d4f6ab2302891c6335307fa4a4a3fc0d17161fc618fbf788d1c59d9f043355cc17f27eaee85a2f1d69f310f6b92781a6c1d31f6 Qubes-R4.3.0-rc1-x86_64/Qubes-R4.3.0-rc1-x86_64.iso

Please advise, thanks!

parulin · September 9, 2025, 5:45pm

How do you verify it? The hash I got is a SHA256 hash.

rrn · September 9, 2025, 7:01pm

It’s weird.

I have downloaded it again from the web server and it has the right content with hash, as expected.

And now the torrent download hash is giving the correct output.
As can be seen, the sha1sum and sha512sum emits the file name as well. For some reason, the torrent download case failed to create the correct hash temporarily. It might be a bug of the file system maybe. I don’t know.