On Thu, 19 Apr 2018, Valeri Galtsev wrote:> On Wed, April 18, 2018 8:36 pm, Always Learning wrote: >> Hi, >> >> I have a machine with a BIOS that does not permit DVD installation. It >> accepts everything else including some old superseded media types. >> >> Is it possible to download C6 combined parts 1 and 2 not using Torrent ? >> >> I have an aversion to using anything that comes from unknown sources, as >> used by Torrent. > > Paul, you can go directly to the mirror server I maintain, it allows > direct download of DVD images: > > http://bay.uchicago.edu/centos > > You may prefer mirror geographically closer to you.Can we also challenge this "torrents are untrustworthy" attitude. You can be given an ISO from a shady character under a railway bridge, and as long as the ISO matches the checksums you can source directly from the CentOS https site (https://wiki.centos.org/Manuals/ReleaseNotes/CentOS7), it's as good as any other copy that's ever been in existence. Why is a torrent source any worse than a copy off any of the official mirrors? Also, why not just make your life easy and do a netinstall? That way you don't have to try to do anything you're not comfortable with. jh
On Thu, 2018-04-19 at 09:40 +0100, John Hodrien wrote:> > On Wed, April 18, 2018 8:36 pm, Always Learning wrote:> >> I have an aversion to using anything that comes from unknown sources, as > >> used by Torrent.> Can we also challenge this "torrents are untrustworthy" attitude.Having, successfully so far, resisted/repelled several devious attacks from the Russians, I am keen to maintain a clean, and thus secure, system as possible.> You can be given an ISO from a shady character under a railway bridge,I'd throw it away unused. Do not want the associated risks.> Also, why not just make your life easy and do a netinstall?That's a good idea. Never done one of them before. I can put C6 on a CD and a USB and boot from either.> That way you > don't have to try to do anything you're not comfortable with.Comfort-ability is not my criteria. The BIOS is supposed to be 4 or 5 years old. It won't boot from DVDs, yet it will boot from zip disks and other historic relics (LH120, I think one of the other choices was). Have a nice day. Thank you. -- Regards, Paul. England, EU. England's place is in the European Union.
On Thu, 19 Apr 2018, Always Learning wrote:> On Thu, 2018-04-19 at 09:40 +0100, John Hodrien wrote: > >>> On Wed, April 18, 2018 8:36 pm, Always Learning wrote: > >>>> I have an aversion to using anything that comes from unknown sources, as >>>> used by Torrent. > >> Can we also challenge this "torrents are untrustworthy" attitude. > > Having, successfully so far, resisted/repelled several devious attacks from > the Russians, I am keen to maintain a clean, and thus secure, system as > possible. > >> You can be given an ISO from a shady character under a railway bridge, > > I'd throw it away unused. Do not want the associated risks.This is where you're making a mistake. If you're verifying checksums, you're not taking an additional risk, beyond the risk of a hash collision. If you're worried about sha256 hash collisions, I think you're worrying about the wrong things. The important bit is getting the hash from a secure source, and bothering the check it. jh
> > Can we also challenge this "torrents are untrustworthy" attitude. > > Having, successfully so far, resisted/repelled several devious > attacks from the Russians, I am keen to maintain a clean, and thus > secure, system as possible.If you don't trust the sha256 hashes, there's no reason to trust a download using https. -- Yves Bellefeuille <yan at storm.ca>
On Thu, 19 Apr 2018, John Hodrien wrote:>On Thu, 19 Apr 2018, Valeri Galtsev wrote: >>On Wed, April 18, 2018 8:36 pm, Always Learning wrote:>>>I have a machine with a BIOS that does not permit DVD installation. It >>>accepts everything else including some old superseded media types.Doesn't sound 4 to 5 years old, sounds 14 or 15 years old.>>>Is it possible to download C6 combined parts 1 and 2 not using Torrent ?Only manually as they are distinct ISO images, each of which would have to be obtained first then some work done to merge them. The CentOS project could produce an all-on-one image but I don't know if it would be popular enough for them to expend the energy -- maybe see if a SIG can be formed for the purpose.>Why is a torrent source any worse than a copy off any of the official mirrors?No reason should be necessary, but I've found it difficult to explain to security departments, and from time to time it attracts unwanted attention and can take a while for the incoming connections to stop (on a very limited bandwidth and/or high RTT service this can be quite annoying).>Also, why not just make your life easy and do a netinstall? That way you >don't have to try to do anything you're not comfortable with.Typically because a network connection isn't available and/or wanted during install. There's also the CentOS provided iPXE service if netinstall is acceptable, or a local netinstall e.g., using cobbler. /mark
On 19 April 2018 at 05:04, Always Learning <centos at u68.u22.net> wrote:> > On Thu, 2018-04-19 at 09:40 +0100, John Hodrien wrote: > >> > On Wed, April 18, 2018 8:36 pm, Always Learning wrote: > >> >> I have an aversion to using anything that comes from unknown sources, as >> >> used by Torrent. > >> Can we also challenge this "torrents are untrustworthy" attitude. > > Having, successfully so far, resisted/repelled several devious attacks > from the Russians, I am keen to maintain a clean, and thus secure, > system as possible. > >> You can be given an ISO from a shady character under a railway bridge, > > I'd throw it away unused. Do not want the associated risks. > >> Also, why not just make your life easy and do a netinstall? > > That's a good idea. Never done one of them before. I can put C6 on a CD > and a USB and boot from either. > >> That way you >> don't have to try to do anything you're not comfortable with. > > Comfort-ability is not my criteria. The BIOS is supposed to be 4 or 5 > years old. It won't boot from DVDs, yet it will boot from zip disks and > other historic relics (LH120, I think one of the other choices was). >As with others.. this sounds 15 years old. If it says it is 4 or 5 years old.. I would be more leery of the hardware than torrents. (And I am very very leery of torrents but mostly because I spend time explaining to people that if your university blocks them I can't fix it for you). In any case, I would do the following: Get a cdrom with CD1 data as this installs 99% of my systems I have dealt with. [I think out of a couple hundred, that 2 or 3 needed anything from the second disk when installing some obscure thing.] The second disk is mostly stuff you can install later. If you need more than that, you need to mirror the distribution locally and set up a pxe/tftpboot system which points to that mirror. -- Stephen J Smoogen.
On Thu, 2018-04-19 at 14:22 -0700, Mark Milhollan wrote:> >>On Wed, April 18, 2018 8:36 pm, Always Learning wrote:> >>>I have a machine with a BIOS that does not permit DVD installation. It > >>>accepts everything else including some old superseded media types.> Doesn't sound 4 to 5 years old, sounds 14 or 15 years old.I agree. The machine was brought, new, and received on 22 February 2013.>From memory the BIOS displays "2013".-- Regards, Paul. England, EU. England's place is in the European Union.