Terjemahan disediakan oleh mesin penerjemah. Jika konten terjemahan yang diberikan bertentangan dengan versi bahasa Inggris aslinya, utamakan versi bahasa Inggris. # Memverifikasi tanda tangan paket CloudWatch agen File tanda tangan GPG disertakan untuk paket CloudWatch agen di server Linux. Anda dapat menggunakan kunci publik untuk memverifikasi file unduhan agen asli dan tidak dimodifikasi. Untuk Server Windows, Anda dapat menggunakan MSI untuk memverifikasi tanda tangan tersebut. Untuk komputer macOS, tanda tangan disertakan dalam paket unduhan agen. Untuk menemukan file tanda tangan yang benar, gunakan tabel berikut. Untuk setiap arsitektur dan sistem operasi, Anda dapat melihat tautan dan tautan umum untuk setiap Wilayah. Jika Anda menggunakan tautan khusus Wilayah, ganti Region (*us-east-1*) default dengan Region yang sesuai untuk akun Anda. Misalnya, untuk Amazon Linux 2023 dan Amazon Linux 2 dan arsitektur x86-64, tiga tautan yang valid adalah: + `https://amazoncloudwatch-agent.s3.amazonaws.com/amazon_linux/amd64/latest/amazon-cloudwatch-agent.rpm.sig` + `https://amazoncloudwatch-agent-us-east-1.s3.us-east-1.amazonaws.com/amazon_linux/amd64/latest/amazon-cloudwatch-agent.rpm` + `https://amazoncloudwatch-agent-eu-central-1.s3.eu-central-1.amazonaws.com/amazon_linux/amd64/latest/amazon-cloudwatch-agent.rpm` **catatan** Untuk mengunduh CloudWatch agen, koneksi Anda harus menggunakan TLS 1.2 atau yang lebih baru. | Arsitektur | Platform | Tautan unduhan | Tautan file tanda tangan | | --- | --- | --- | --- | | x86-64 | Amazon Linux 2023 dan Amazon Linux 2 | https://amazoncloudwatch-agent.s3.amazonaws.com/amazon\$1linux/amazon-cloudwatch-agentamd64/terbaru/ .rpm https://amazoncloudwatch-agent - *us-east-1* .s3. *us-east-1*.amazonaws. com/amazon\$1linux/amd64/latest/amazon-cloudwatch-agent.rpm | https://amazoncloudwatch-agent.s3.amazonaws.com/amazon\$1linux/amazon-cloudwatch-agentamd64/terbaru/ .rpm.sig https://amazoncloudwatch-agent - *us-east-1* .s3. *us-east-1*.amazonaws. com/amazon\$1linux/amd64/latest/amazon-cloudwatch-agen.rpm.sig | | x86-64 | Centos | https://amazoncloudwatch-agent.s3.amazonaws.com/centos/amazon-cloudwatch-agentamd64/terbaru/ .rpm https://amazoncloudwatch-agent - *us-east-1* .s3. *us-east-1*.amazonaws. com/centos/amd64/latest/amazon-cloudwatch-agent.rpm | https://amazoncloudwatch-agent.s3.amazonaws.com/centos/amazon-cloudwatch-agentamd64/terbaru/ .rpm.sig https://amazoncloudwatch-agent - *us-east-1* .s3. *us-east-1*.amazonaws. com/centos/amd64/latest/amazon-cloudwatch-agen.rpm.sig | | x86-64 | Redhat | https://amazoncloudwatch-agent.s3.amazonaws.com/redhat/amazon-cloudwatch-agentamd64/terbaru/ .rpm https://amazoncloudwatch-agent - *us-east-1* .s3. *us-east-1*.amazonaws. com/redhat/amd64/latest/amazon-cloudwatch-agent.rpm | https://amazoncloudwatch-agent.s3.amazonaws.com/redhat/amazon-cloudwatch-agentamd64/terbaru/ .rpm.sig https://amazoncloudwatch-agent - *us-east-1* .s3. *us-east-1*.amazonaws. com/redhat/amd64/latest/amazon-cloudwatch-agen.rpm.sig | | x86-64 | SEGAR | https://amazoncloudwatch-agent.s3.amazonaws.com/suse/amazon-cloudwatch-agentamd64/terbaru/ .rpm https://amazoncloudwatch-agent - *us-east-1* .s3. *us-east-1*.amazonaws. com/suse/amd64/latest/amazon-cloudwatch-agent.rpm | https://amazoncloudwatch-agent.s3.amazonaws.com/suse/amazon-cloudwatch-agentamd64/terbaru/ .rpm.sig https://amazoncloudwatch-agent - *us-east-1* .s3. *us-east-1*.amazonaws. com/suse/amd64/latest/amazon-cloudwatch-agen.rpm.sig | | x86-64 | Debian | https://amazoncloudwatch-agent.s3.amazonaws.com/debian/amd64/terbaru/ .deb amazon-cloudwatch-agent https://amazoncloudwatch-agent - *us-east-1* .s3. *us-east-1*.amazonaws. com/debian/amd64/latest/amazon-cloudwatch-agent.deb | https://amazoncloudwatch-agent.s3.amazonaws.com/debian/amazon-cloudwatch-agentamd64/terbaru/ .deb.sig https://amazoncloudwatch-agent - *us-east-1* .s3. *us-east-1*.amazonaws. com/debian/amd64/latest/amazon-cloudwatch-agent.deb.sig | | x86-64 | Ubuntu | https://amazoncloudwatch-agent.s3.amazonaws.com/ubuntu/amd64/terbaru/ .deb amazon-cloudwatch-agent https://amazoncloudwatch-agent - *us-east-1* .s3. *us-east-1*.amazonaws. com/ubuntu/amd64/latest/amazon-cloudwatch-agent.deb | https://amazoncloudwatch-agent.s3.amazonaws.com/ubuntu/amazon-cloudwatch-agentamd64/terbaru/ .deb.sig https://amazoncloudwatch-agent - *us-east-1* .s3. *us-east-1*.amazonaws. com/ubuntu/amd64/latest/amazon-cloudwatch-agent.deb.sig | | x86-64 | Oracle | https://amazoncloudwatch-agent.s3.amazonaws.com/oracle\$1linux/amazon-cloudwatch-agentamd64/terbaru/ .rpm https://amazoncloudwatch-agent - *us-east-1* .s3. *us-east-1*.amazonaws. com/oracle\$1linux/amd64/latest/amazon-cloudwatch-agent.rpm | https://amazoncloudwatch-agent.s3.amazonaws.com/oracle\$1linux/amazon-cloudwatch-agentamd64/terbaru/ .rpm.sig https://amazoncloudwatch-agent - *us-east-1* .s3. *us-east-1*.amazonaws. com/oracle\$1linux/amd64/latest/amazon-cloudwatch-agen.rpm.sig | | x86-64 | macOS | https://amazoncloudwatch-agent.s3.amazonaws.com/darwin/amazon-cloudwatch-agentamd64/terbaru/ .pkg https://amazoncloudwatch-agent - *us-east-1* .s3. *us-east-1*.amazonaws. com/darwin/amd64/latest/amazon-cloudwatch-agent.pkg | https://amazoncloudwatch-agent.s3.amazonaws.com/darwin/amd64/terbaru/ amazon-cloudwatch-agent .pkg.sig https://amazoncloudwatch-agent - *us-east-1* .s3. *us-east-1*.amazonaws. com/darwin/amd64/latest/amazon-cloudwatch-agen.pkg.sig | | x86-64 | Jendela | https://amazoncloudwatch-agent.s3.amazonaws.com/windows/amazon-cloudwatch-agentamd64/terbaru/ .msi https://amazoncloudwatch-agent - *us-east-1* .s3. *us-east-1*.amazonaws. com/windows/amd64/latest/amazon-cloudwatch-agent.msi | https://amazoncloudwatch-agent.s3.amazonaws.com/windows/amazon-cloudwatch-agentamd64/terbaru/ .msi.sig https://amazoncloudwatch-agent - *us-east-1* .s3. *us-east-1*.amazonaws. com/windows/amd64/latest/amazon-cloudwatch-agent.msi.sig | | ARM64 | Amazon Linux 2023 dan Amazon Linux 2 | https://amazoncloudwatch-agent.s3.amazonaws.com/amazon\$1linux/amazon-cloudwatch-agentlengan64/terbaru/ .rpm https://amazoncloudwatch-agent - *us-east-1* .s3. *us-east-1*.amazonaws. com/amazon\$1linux/arm64/latest/amazon-cloudwatch-agent.rpm | https://amazoncloudwatch-agent.s3.amazonaws.com/amazon\$1linux/amazon-cloudwatch-agentarm64/terbaru/ .rpm.sig https://amazoncloudwatch-agent - *us-east-1* .s3. *us-east-1*.amazonaws. com/amazon\$1linux/arm64/latest/amazon-cloudwatch-agen.rpm.sig | | ARM64 | Redhat | https://amazoncloudwatch-agent.s3.amazonaws.com/redhat/amazon-cloudwatch-agentlengan64/terbaru/ .rpm https://amazoncloudwatch-agent - *us-east-1* .s3. *us-east-1*.amazonaws. com/redhat/arm64/latest/amazon-cloudwatch-agent.rpm | https://amazoncloudwatch-agent.s3.amazonaws.com/redhat/amazon-cloudwatch-agentarm64/terbaru/ .rpm.sig https://amazoncloudwatch-agent - *us-east-1* .s3. *us-east-1*.amazonaws. com/redhat/arm64/latest/amazon-cloudwatch-agen.rpm.sig | | ARM64 | Ubuntu | https://amazoncloudwatch-agent.s3.amazonaws.com/ubuntu/amazon-cloudwatch-agentarm64/terbaru/ .deb https://amazoncloudwatch-agent - *us-east-1* .s3. *us-east-1*.amazonaws. com/ubuntu/arm64/latest/amazon-cloudwatch-agent.deb | https://amazoncloudwatch-agent.s3.amazonaws.com/ubuntu/amazon-cloudwatch-agentarm64/terbaru/ .deb.sig https://amazoncloudwatch-agent - *us-east-1* .s3. *us-east-1*.amazonaws. com/ubuntu/arm64/latest/amazon-cloudwatch-agent.deb.sig | | ARM64 | Debian | https://amazoncloudwatch-agent.s3.amazonaws.com/debian/amazon-cloudwatch-agentarm64/terbaru/ .deb https://amazoncloudwatch-agent - *us-east-1* .s3. *us-east-1*.amazonaws. com/debian/arm64/latest/amazon-cloudwatch-agent.deb | https://amazoncloudwatch-agent.s3.amazonaws.com/debian/amazon-cloudwatch-agentarm64/terbaru/ .deb.sig https://amazoncloudwatch-agent - *us-east-1* .s3. *us-east-1*.amazonaws. com/debian/arm64/latest/amazon-cloudwatch-agent.deb.sig | | ARM64 | SEGAR | https://amazoncloudwatch-agent.s3.amazonaws.com/suse/amazon-cloudwatch-agentlengan64/terbaru/ .rpm https://amazoncloudwatch-agent - *us-east-1* .s3. *us-east-1*.amazonaws. com/suse/arm64/latest/amazon-cloudwatch-agent.rpm | https://amazoncloudwatch-agent.s3.amazonaws.com/suse/amazon-cloudwatch-agentarm64/terbaru/ .rpm.sig https://amazoncloudwatch-agent - *us-east-1* .s3. *us-east-1*.amazonaws. com/suse/arm64/latest/amazon-cloudwatch-agen.rpm.sig | **Untuk memverifikasi paket CloudWatch agen di server Linux** 1. Unduh kunci publik. ``` shell$ wget https://amazoncloudwatch-agent.s3.amazonaws.com/assets/amazon-cloudwatch-agent.gpg ``` 1. Impor kunci publik ke dalam keyring Anda. ``` shell$ gpg --import amazon-cloudwatch-agent.gpg gpg: key 3B789C72: public key "Amazon CloudWatch Agent" imported gpg: Total number processed: 1 gpg: imported: 1 (RSA: 1) ``` Catat nilai utama, saat Anda membutuhkannya pada langkah berikutnya. Dalam contoh sebelumnya, nilai utama adalah `3B789C72`. 1. Verifikasi sidik jari dengan menjalankan perintah berikut, ganti *key-value* dengan nilai dari langkah sebelumnya: ``` shell$ gpg --fingerprint key-value pub 2048R/3B789C72 2017-11-14 Key fingerprint = 9376 16F3 450B 7D80 6CBD 9725 D581 6730 3B78 9C72 uid Amazon CloudWatch Agent ``` String sidik jari harus sama dengan berikut ini: `9376 16F3 450B 7D80 6CBD 9725 D581 6730 3B78 9C72` Jika string sidik jari tidak cocok, jangan instal agen. Hubungi Layanan Web Amazon. Setelah memverifikasi sidik jari, Anda dapat menggunakannya untuk memverifikasi tanda tangan CloudWatch yang tepat. 1. Unduh file tanda tangan paket menggunakan **wget**. Untuk menentukan file tanda tangan yang benar, silakan lihat tabel sebelumnya. ``` wget Signature File Link ``` 1. Untuk memverifikasi tanda tangan, jalankan **gpg --verify**. ``` shell$ gpg --verify signature-filename agent-download-filename gpg: Signature made Wed 29 Nov 2017 03:00:59 PM PST using RSA key ID 3B789C72 gpg: Good signature from "Amazon CloudWatch Agent" gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: 9376 16F3 450B 7D80 6CBD 9725 D581 6730 3B78 9C72 ``` Jika output mencakup frasa `BAD signature`, periksa apakah Anda melakukan prosedur dengan benar. Jika Anda terus mendapatkan respons ini, hubungi Layanan Web Amazon dan hindari menggunakan file yang diunduh. Catat peringatan tentang kepercayaan. Kunci hanya dapat dipercaya jika Anda atau seseorang yang Anda percaya telah menandatanganinya. Ini tidak berarti bahwa tanda pembeda Anda tidak valid, hanya saja Anda belum memverifikasi kunci publiknya. **Untuk memverifikasi paket CloudWatch agen pada server yang menjalankan Windows Server** 1. Unduh dan instal GnuPG untuk Windows dari [https://gnupg.org/download/](https://gnupg.org/download/). Saat menginstal, sertakan opsi **Shell Extension (GpgEx)**. Anda dapat melakukan langkah-langkah lainnya di Windows PowerShell. 1. Unduh kunci publik. ``` PS> wget https://amazoncloudwatch-agent.s3.amazonaws.com/assets/amazon-cloudwatch-agent.gpg -OutFile amazon-cloudwatch-agent.gpg ``` 1. Impor kunci publik ke dalam keyring Anda. ``` PS> gpg --import amazon-cloudwatch-agent.gpg gpg: key 3B789C72: public key "Amazon CloudWatch Agent" imported gpg: Total number processed: 1 gpg: imported: 1 (RSA: 1) ``` Catat nilai kunci karena Anda membutuhkannya di langkah berikutnya. Dalam contoh sebelumnya, nilai utama adalah `3B789C72`. 1. Verifikasi sidik jari dengan menjalankan perintah berikut, ganti *key-value* dengan nilai dari langkah sebelumnya: ``` PS> gpg --fingerprint key-value pub rsa2048 2017-11-14 [SC] 9376 16F3 450B 7D80 6CBD 9725 D581 6730 3B78 9C72 uid [ unknown] Amazon CloudWatch Agent ``` String sidik jari harus sama dengan berikut ini: `9376 16F3 450B 7D80 6CBD 9725 D581 6730 3B78 9C72` Jika string sidik jari tidak cocok, jangan instal agen. Hubungi Layanan Web Amazon. Setelah memverifikasi sidik jari, Anda dapat menggunakannya untuk memverifikasi tanda tangan CloudWatch yang tepat. 1. Unduh file tanda tangan paket menggunakan wget. Untuk menentukan file tanda tangan yang benar, lihat [CloudWatch Tautan Unduhan Agen](download-CloudWatch-Agent-on-EC2-Instance-commandline-first.md#agent-download-link-table). 1. Untuk memverifikasi tanda tangan, jalankan **gpg --verify**. ``` PS> gpg --verify sig-filename agent-download-filename gpg: Signature made 11/29/17 23:00:45 Coordinated Universal Time gpg: using RSA key D58167303B789C72 gpg: Good signature from "Amazon CloudWatch Agent" [unknown] gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: 9376 16F3 450B 7D80 6CBD 9725 D581 6730 3B78 9C72 ``` Jika output mencakup frasa `BAD signature`, periksa apakah Anda melakukan prosedur dengan benar. Jika Anda terus mendapatkan respons ini, hubungi Layanan Web Amazon dan hindari menggunakan file yang diunduh. Catat peringatan tentang kepercayaan. Kunci hanya dapat dipercaya jika Anda atau seseorang yang Anda percaya telah menandatanganinya. Ini tidak berarti bahwa tanda pembeda Anda tidak valid, hanya saja Anda belum memverifikasi kunci publiknya. **Untuk memverifikasi paket CloudWatch agen di komputer macOS** + Ada dua metode untuk verifikasi tanda tangan di macOS. + Verifikasi sidik jari dengan menjalankan perintah berikut. ``` pkgutil --check-signature amazon-cloudwatch-agent.pkg ``` Anda akan melihat hasil yang mirip dengan berikut ini. ``` Package "amazon-cloudwatch-agent.pkg": Status: signed by a developer certificate issued by Apple for distribution Signed with a trusted timestamp on: 2020-10-02 18:13:24 +0000 Certificate Chain: 1. Developer ID Installer: AMZN Mobile LLC (94KV3E626L) Expires: 2024-10-18 22:31:30 +0000 SHA256 Fingerprint: 81 B4 6F AF 1C CA E1 E8 3C 6F FB 9E 52 5E 84 02 6E 7F 17 21 8E FB 0C 40 79 13 66 8D 9F 1F 10 1C ------------------------------------------------------------------------ 2. Developer ID Certification Authority Expires: 2027-02-01 22:12:15 +0000 SHA256 Fingerprint: 7A FC 9D 01 A6 2F 03 A2 DE 96 37 93 6D 4A FE 68 09 0D 2D E1 8D 03 F2 9C 88 CF B0 B1 BA 63 58 7F ------------------------------------------------------------------------ 3. Apple Root CA Expires: 2035-02-09 21:40:36 +0000 SHA256 Fingerprint: B0 B1 73 0E CB C7 FF 45 05 14 2C 49 F1 29 5E 6E DA 6B CA ED 7E 2C 68 C5 BE 91 B5 A1 10 01 F0 24 ``` + Atau, download dan gunakan file .sig untuk menggunakan metode ini, ikuti langkah-langkah berikut. 1. Pasang aplikasi GPG ke host macOS Anda dengan memasukkan perintah berikut. ``` brew install GnuPG ``` + Unduh file tanda tangan paket menggunakan curl. Untuk menentukan file tanda tangan yang benar, lihat [CloudWatch Tautan Unduhan Agen](download-CloudWatch-Agent-on-EC2-Instance-commandline-first.md#agent-download-link-table). + Untuk memverifikasi tanda tangan, jalankan **gpg --verify**. ``` PS> gpg --verify sig-filename agent-download-filename gpg: Signature made 11/29/17 23:00:45 Coordinated Universal Time gpg: using RSA key D58167303B789C72 gpg: Good signature from "Amazon CloudWatch Agent" [unknown] gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: 9376 16F3 450B 7D80 6CBD 9725 D581 6730 3B78 9C72 ``` Jika output mencakup frasa `BAD signature`, periksa apakah Anda melakukan prosedur dengan benar. Jika Anda terus mendapatkan respons ini, hubungi Layanan Web Amazon dan hindari menggunakan file yang diunduh. Catat peringatan tentang kepercayaan. Kunci hanya dapat dipercaya jika Anda atau seseorang yang Anda percaya telah menandatanganinya. Ini tidak berarti bahwa tanda pembeda Anda tidak valid, hanya saja Anda belum memverifikasi kunci publiknya.