Verification centre

Verify downloads and the public APT repository.

SentinelOS publishes separate trust material for release bundles and for the APT archive. Match fingerprints before trusting either path.

Release signing key

published
Purpose
Signs public bundle checksum files.
Fingerprint
D666 6A58 94F9 90A7 A35C 76A5 FFD1 0F4C F265 2C87
Key
sentinelos-release-key.asc

APT archive key

published
Purpose
Authenticates APT repository metadata.
Fingerprint
1A30 F833 9972 CF43 7256 D14F 60D4 3870 3CF1 F577
Key
sentinelos-archive-key.asc
Bundle verification

Verify the public conversion bundle.

Download the ZIP, checksum, detached signature and release key into the same folder.

gpg --import sentinelos-release-key.asc
gpg --fingerprint D6666A5894F990A7A35C76A5FFD10F4CF2652C87
gpg --verify SentinelOS_Public_v1_AMBROSO_conversion_bundle.zip.sha256.asc SentinelOS_Public_v1_AMBROSO_conversion_bundle.zip.sha256
sha256sum -c SentinelOS_Public_v1_AMBROSO_conversion_bundle.zip.sha256
Repo verification

Verify the public APT endpoint is reachable.

These checks confirm the live repository paths exist before adding the source to apt.

curl -I https://repo.sentinellinux.org/dists/stable/InRelease
curl -I https://repo.sentinellinux.org/dists/stable/main/binary-amd64/Packages.gz
curl -I https://repo.sentinellinux.org/keys/sentinelos-archive-key.asc
APT policy check

Confirm apt sees the public repo.

After adding the source list, the policy output should include https://repo.sentinellinux.org stable/main.

sudo apt update
apt-cache policy sentinel-browser sentinel-program-manager sentinelos-public-converter
Trust model: a valid HTTPS response proves you reached the published endpoint; the APT archive key and signed InRelease metadata authenticate repository contents for apt.