When using a precompiled binary, it is highly recommended to ensure the file has not been corrupted in transit or tampered with. For this, our build pipeline generates a hashfile to be used to cryptographically verify its integrity via GPG signature and the corresponding binary via checksum hash.
The process can be a little involved when performed manually, so we’ve
scripted the process and made it available for the client via
curl -fsSL https://get.wireleap.com -o get-wireleap.sh sh get-wireleap.sh $HOME/wireleap --symlink=$HOME/.local/bin/wireleap
The above will verify your environment’s compatibility, download the
latest client binary as well as the associated hash file (in a
quarantine folder), cryptographically verify the hashfile’s integrity
via GPG signature (in a temporary keyring), and subsequently the signed
checksum hash of the binary.
If all checks pass, it will release the binary from quarantine, initialize the client in the specified directory, and create a symlink.
Previous ArticleAutomatic relay upgrades