I have downloaded manjaro-lxqt-20.2-201130-linux59.iso. When I verify the signature everything looks fine: (I renamed the signature file)
gpg --verify manjaro-lxqt-20.2-201130-linux59.iso.sig manjaro-lxqt-20.2-201130-linux59.iso
Signature made ma 30 nov 2020 12:39:14 CET
gpg: using RSA key 3B6B8D2B9293A297E1DD1F9E7605992471F3F073
gpg: Good signature from “Frede Hundewadt firstname.lastname@example.org” [unknown]
However the sha1sum does not match. I get:
While the shasum on the site is:
I have redownloaded the iso and tested again with the same result.
anyhow I don’t see how a corrupt iso file could have a correct signature.
I’ve also downloaded manjaro-architect and checked it the same way.
There the shasum and signature were both correct. I did this to see if I made a mistake with shasum.
Could you please check this,