Secure Download (HTTPS) for Ubuntu Desktop

Current Ubuntu images come with MD5 and SHA256 checksums. The checksum files are GPG signed with an Ubuntu public key. The public key is obtained verifiably from the Ubuntu keyserver. Easy-to-follow instructions are in How to verify your Ubuntu download.

To add to this, the binary images are signed by the Canonical Master CA, which has a chain of trust to a certificate in your machine's TPM, and will not run if tampered with and you run under SecureBoot.

Short of hopping on your bike and having the people at Ubuntu burn a fresh image while you watch them, I think this really is as good as it gets.


You can easily download ubuntu desktop from https://www.ubuntu.com/download/desktop.

After downloading, you can verify the downloaded ISO using this turtorial (refered at the bottom of the download page): https://tutorials.ubuntu.com/tutorial/tutorial-how-to-verify-ubuntu#0