Download Mageia 5 LiveCD GNOME en 32bit CD

$ # You need both iso and checksum file in the same folder
$ md5sum -c Mageia-5-LiveCD-GNOME-en-i586-CD.iso.md5
Mageia-5-LiveCD-GNOME-en-i586-CD.iso: OK 

$ sha1sum -c Mageia-5-LiveCD-GNOME-en-i586-CD.iso.sha1
Mageia-5-LiveCD-GNOME-en-i586-CD.iso: OK 

$ # You can also compare checksum directly from this web page without checksum file
$ md5sum Mageia-5-LiveCD-GNOME-en-i586-CD.iso
bac16a5ff3dfe271d3980c087ddbc5a7  Mageia-5-LiveCD-GNOME-en-i586-CD.iso 

$ sha1sum Mageia-5-LiveCD-GNOME-en-i586-CD.iso
5a962a58c98b317e9d8ab5d70f39db5deca492ea  Mageia-5-LiveCD-GNOME-en-i586-CD.iso 

If checksums do not match, DO NOT use this ISO. Double-check and try to download again.

You can also verify the signature of an ISO. They are also available for download as files: Mageia-5-LiveCD-GNOME-en-i586-CD.iso.md5.gpg og Mageia-5-LiveCD-GNOME-en-i586-CD.iso.sha1.gpg. First you need to import the "Mageia Release" key from a PGP Public Key Server:

$ gpg --keyserver keyserver.ubuntu.com --recv-keys EDCA7A90

In response there should be one of the following lines:

gpg: key EDCA7A90: public key "Mageia Release <release@mageia.org>" imported

or if you already imported the key before:

gpg: key EDCA7A90: "Mageia Release <release@mageia.org>" not changed

Then you need to verify the signature for the ISO.

$ gpg --verify Mageia-5-LiveCD-GNOME-en-i586-CD.iso.sha512.gpg Mageia-5-LiveCD-GNOME-en-i586-CD.iso.sha512

In response there should be lines like:

gpg: Good signature from "Mageia Release <release@mageia.org>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: B210 76A0 CBE4 D93D 66A9  D08D 835E 41F4 EDCA 7A90

The warning about uncertified signature is expected.