PAM Software Binary Distribution and Signatures

PAM Binary Components with MD5, SHA512 and PGP signatures

Windows Interactive Setup (md5, sha512, pgp)

Windows CLI Setup (md5, sha512, pgp)

Linux Setup (md5, sha512, pgp)

Offline Setup (md5, sha512, pgp)

WEB GUI and Worker Module (md5, sha512, pgp)

Directory Service Module (md5, sha512, pgp)

Runtime Framework for Windows (md5, sha512, pgp)

Runtime Framework for Linux x86 (md5, sha512, pgp)

Runtime Framework for Linux ARM (md5, sha512, pgp)

WEB Session Manager for Windows (md5, sha512, pgp)

WEB Session Manager for Linux x86 (md5, sha512, pgp)

WEB Session Manager for Linux ARM (md5, sha512, pgp)

Federated Sign-In Module (md5, sha512, pgp)

WEB Container Module (md5, sha512, pgp)

PGP public key fingerprint:

Copy
85CA89FD4F9619F02E5DFB5486C9E8312C12ADD2

PAM Component Integrity

To verify the integrity of each PAM binary, we provide the MD5 and SHA-512 checksums and an OpenPGP signature. After you download any binary, you should calculate a checksum for your download and make sure if matches ours above. You may also match the OpenPGP signature against the provided key file.

Windows Integrity Check

You can use Microsoft methods to check the binary’s checksum or any other method you are comfortable using. In the example below, we will use CertUtil in PowerShell to calculate the hashes.

 

Copy both the downloaded binary and the MD5 or SHA512 hash file to the same directory and from within this location execute the command:

  • MD5:
    Copy
    CertUtil -hashfile <FILE> MD5
  • SHA512:
    Copy
    CertUtil -hashfile <FILE> SHA512

Compare the computed hash to make sure it matches the value from the download hash file.

 

You can verify the PGP signature using the below command, if available, or another Windows-based OpenPGP verification tool like Gpg4win.

  • PGP:
    Copy
    gpg --verify <FILE.asc>

Linux Integrity Check

To verify hashes on Linux, copy both the downloaded binary and the MD5 or SHA512 hash file to the same directory and from within this location execute the command:

  • MD5:
    Copy
    md5sum <FILE>
  • SHA512:
    Copy
    shasum -c <FILE.sha512>

Compare the computed hash to make sure it matches the value from the download hash file.

 

You can verify the PGP signature using the below command from this same directory with the downloaded PGP file:

  • PGP:
    Copy
    gpg --verify <FILE.asc>
  • PGP2:
    Copy
    gpg2 --verify <FILE.asc>

PGP public key:

Copy
-----BEGIN PGP PUBLIC KEY BLOCK-----

mQINBGSRl4EBEADNGVbiiPcNZt8kfeWufYK2IAPMAoMA5qzLcQca593zpMx9XIcF
FSphu0HGfO+jweP6CYRuyoh9TE76y4CV0Lj7RB/KAkcF94YEOr25Y8tiN1Y8m86e
XoO1+isrDBqDoK8sVhISPGhMeuarZlVCeHZ/J1SU/cfRA3XO7fnfjUWUEHnycnP+
FE9Q5UkJ75nNNNgaEkGkKkCKpPqG4LjujJFOo5KyuhjO4BedLSd0tSlOia4sQR3N
qTYBsKZoyaaocgfVepMhk+7ytXIY6NRTlZbkkvxzc2qHTQZCcolr4ySPQ049a79l
LCAUsXZisyz6/NdxTIDgn8rlanxs2WLDcXqaW5EoYbEBcF6zTWtdSiXqINLmF9HR
6K0mlvqEtL/lW3uzVZmujbLkREPiG0rkpsxdp8eZD8IbNkvIbcVxUQlncwc7sx8W
2qPZ2J5a5ILrWEvUH5w9Dsuhmvo0QJMlrkMNkC2k/goGSgjszZgJYhYEydzjU3ug
v9Jv8xe8EoB/RWrppuuGqPLiNFoX6PZG0a/Cp6eSgyekNONydrxc1kriAuNzRniJ
EETk+ODMNufUnk2wIEvLYD4pbdK57i7o0ZksAJ18tjMUTuw4qWG1GC77bgsTTjsY
a5hajl7lZUDQaPDfBU0MfYnquLdOqidxFzsNME3zh/nOszOm4+EUGSySkwARAQAB
tCdJbXByaXZhdGEgUGFtT3BzIDxwYW1vcHNAaW1wcml2YXRhLmNvbT6JAk4EEwEK
ADgWIQSFyon9T5YZ8C5d+1SGyegxLBKt0gUCZJGXgQIbAwULCQgHAgYVCgkICwIE
FgIDAQIeAQIXgAAKCRCGyegxLBKt0mCpD/4hEYLSLOfoJdBqcndNkwQvQq/O1yYW
eSfmHMwwfNl57UzdTB7bAw5vN/saINT0alsT72GImPWpKPJUcjvUeKp0zV4zqzks
7koq7Ny0i9+nI6YpideduQufTdXn2USda2oGLQnSLtJRLATFNceZKZPYWnXtgsJ0
XO5JHLRxt94IhxknuFbOZBxNlV3lnU4jLiVdYkc9lbEEG0G4LxYLWR2LegX1Kb2O
W1kd/sM+IxGAQvCToNbHoXdoa0TAu/o0osdTGEG0J7ztmCnprMHL/u6e/IpahdTy
AapMMJv1UVqmlHU5L75mU9+8WYBvuuSEdbK/RhAa7RO7OdpRsksC0QRtboQ4s3+d
vXMWqsS8CY9NrEyAYIKaGkfRSDIZzO3wF/G/zk9IM7SOpSQRrnc66jooWBS513jS
9u+HU9I6HmAT9syG0ixjl7+BggLvZTBvWyad/+ZxMGk2fV/c6NYgHIFipql9uLfz
FZHsAklEWuKno7F5LKe6647ByDXsH8QfeqLulheY2ls3AhcCgo5a4siWZbs+sdlK
QBbM9tYqTRCZLwrTS8AphAkTiQFE0uwOCL2Gyu619ZWL8k3K7dxhCFh/zDA9WCy4
RTkF4ysBrcNMTAsL+9HNNsYPeNSP5oifC77a3T7ol6Hngw3FgDWXECYbkH8de3Tq
mi4Q4ubk0X1Mjw==
=VlyT
-----END PGP PUBLIC KEY BLOCK-----