Manualshelf

Users Guide

ManualsBrandsDell ManualsActive System ManagerUpdate Packages Version 15.06.00
11121314151617181920
f for force.
r for reboot if a reboot is required for the type of update being performed.
In the following command example, the command applies a BIOS DUP without any user confirmation,
forces the execution in the case of a downgrade from a more recent BIOS version, and reboots the
system after the DUP is applied. This command is executed provided the DUP satisfies all the system and
version requirements.
BIOS_XR23Y_LN_1.2.8.BIN q f r
For more information on the command line interface (CLI), see Command Line Interface Reference.
Verifying the Digital Signature
A digital signature is used to authenticate the identity of the signer of an Update Package and to certify
that the original content is unchanged. Digital signature of DUPs provide a reliable and trustful method of
authentication.
Verifying the digital signature ensures that the original Update Package was received correctly and that
the content has not been modified since it was signed.
NOTE: Verifying the digital signature is applicable for systems running Windows and Linux.
Verifying the Digital Signature on Systems Running Linux
If you do not already have it installed on your system, you must install the Gnu Privacy Guard (GPG) to
verify a Linux DUP digital signature. To use the standard verification procedure, perform the following
steps:
1. Get the Dell Linux public GnuPG key, if you do not already have it. You can download it by navigating
to lists.us.dell.com and clicking the Dell Public GPG key link.
2. Import the public key to the gpg trust database by running the following command: gpg --import
<Public Key Filename>
NOTE: You must have a private key to complete the process.
3. To avoid a distrusted-key warning, validate the public key by its fingerprint before you use it.
a. Type the following command: gpg --edit-key 23B66A9D
b. In the GPG key editor, type fpr. The following message appears: pub 1024D/23B66A9D
2001-04-16 Dell, Inc. (Product Group) <linuxsecurity@dell.com> Primary
key fingerprint: 4172 E2CE 955A 1776 A5E6 1BB7 CA77 951D 23B6 6A9D. If the
fingerprint of the imported key is the same as the key owner's, you have a correct copy of the
key. You can verify the key's owner in person, over the phone, or by any other means that
guarantees that you are communicating with the key's true owner.
c. While still in the key editor, type sign.
d. Answer the list of trust-validation questions that appear and create a passphrase to use as the
secret key. You must import and validate the public key only once.
4. Obtain the Linux DUP and its associated signature file from dell.com/support/manuals/downloads.
NOTE: Each Linux DUP has a separate signature file, which is displayed along with the DUP. You
need both the DUP and its associated signature file for verification. By default, the signature file
is named the same as the DUP filename with a sign extension.
5. Verify the DUP using the following command: gpg --verify <Linux Update Package signature
filename> <Linux Update Package filename>.
13