Ubuntu Cloud Images
Ubuntu Cloud Images are the official Ubuntu images customized by Canonical to run on public clouds, Openstack, LXD and more.
Published on updated on
Ubuntu Cloud Images are the official Ubuntu images that have been customised by Canonical to run on public clouds that provide Ubuntu Certified Images, Openstack, LXD and more.
Select image
The Ubuntu Cloud Images site contains many images and the Image locator should be helpful … and probably is but I prefer to select the minimal or standard server releases:
and while I am there, I download the file with the hashes and its signature. Example:
- QCow2 UEFI/GPT Bootable disk image noble-server-cloudimg-amd64.img
- File system image and Kernel packed noble-server-cloudimg-amd64.tar.gz
- Hashes SHA256SUMS
- Signature of the file with hashes SHA256SUMS.gpg
Note: the same file may have multiple names, depending on the link where it is accessed. Example: noble-server-cloudimg-amd64.img have the same content as ubuntu-24.04-server-cloudimg-amd64.img .Check the hashes if you want.
Download image
wget https://cloud-images.ubuntu.com/noble/current/noble-server-cloudimg-amd64.img
wget https://cloud-images.ubuntu.com/noble/current/SHA256SUMS
wget https://cloud-images.ubuntu.com/noble/current/SHA256SUMS.gpg
Make the downloaded image read-only because if you test it with QEMU or another tool it may be modified.
chmod 400 noble-server-cloudimg-amd64.img
Verify image
First check the integrity of SHA256SUMS
:
gpg --keyid-format long --verify SHA256SUMS.gpg SHA256SUMS
If you get a message like:
gpg: Signature made Mi 09 oct 2024 03:23:30 +0300 EEST
gpg: using RSA key D2EB44626FDDC30B513D5BB71A5D6C4C7DB87C81
gpg: Can't check signature: No public key
then you have to install the missing key:
gpg --keyid-format long \
--keyserver hkp://keyserver.ubuntu.com \
--recv-keys 0xD2EB44626FDDC30B513D5BB71A5D6C4C7DB87C81
gpg: key 1A5D6C4C7DB87C81: public key "UEC Image Automatic Signing Key <cdimage@ubuntu.com>" imported
gpg: Total number processed: 1
gpg: imported: 1
and check again:
gpg --keyid-format long --verify SHA256SUMS.gpg SHA256SUMS
For a correct file the result should look like:
gpg: Signature made Mi 09 oct 2024 03:23:30 +0300 EEST
gpg: using RSA key D2EB44626FDDC30B513D5BB71A5D6C4C7DB87C81
gpg: Good signature from "UEC Image Automatic Signing Key <cdimage@ubuntu.com>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: D2EB 4462 6FDD C30B 513D 5BB7 1A5D 6C4C 7DB8 7C81
The Good signature message means that the integrity of SHA256SUMS
’s is verified with success but BAD signature means that SHA256SUMS
or SHA256SUMS.gpg
is incorrect.
Check the hash of the image:
sha256sum --ignore-missing -c SHA256SUMS
noble-server-cloudimg-amd64.img: OK
Next step
See the Debian, Ubuntu and cloud-init article.