Download EXPERIMENTAL Boxi builds

EXPERIMENTAL Boxi builds

We are very pleased to share our frequent Boxi builds with the developer community. Please be careful with the builds provided here. While they should generally work, they are EXPERIMENTAL, and have not been tested. Use them at your own risk. DO NOT USE THE BUILDS FOR PRODUCTION USE!

Reporting Problems

It is very likely that you will find problems with the EXPERIMENTAL Boxi builds on this page: Please report them! Boxi and Box Backup are complex applications and we need your help to find and fix any problems that you encounter.

You should initially report your problem on the developers mailing list (see the MailingLists page for details). The problem might already be known about, or there may be a simple mistake in configuration that is easily corrected. If, following that discussion, it appears to be a real problem then a ticket will be raised on this website to track the investigation and fix of that problem - that ticket will probably be raised by the developers.

Download latest build

Please be careful with the builds provided here. While they should generally work, they are EXPERIMENTAL, and have not been tested. Use them at your own risk. DO NOT USE THE BUILDS FOR PRODUCTION USE!

Verify latest build via SHA1

Downlod the lastest EXPERIMENTAL Boxi build from http://cuba-project.org/downloads/boxi/latest.zip, and confirm that the SHA1 sums generated with sha1sum.exe match the following ones:

For Boxi R684 based on Box Backup R2551 (functionally identical to R2559, 0.11rc4)

$ sha1sum.exe *
3810fa6cece822ce842c736086e76456a0c24a39 *LICENSE.txt
b60a51e4ecba1fdf4e330f96dddabf42a69897d0 *bbackupctl.exe
04522f96f746f208cf46f21661375a9abfab6b60 *bbackupd.exe
9d82dc4097643aab5b48a5174aea245e37191c86 *bbackupquery.exe
2c56005105dcdfdbdfbf8c11cc3234d9003f4e79 *boxi.exe
0dc700ab5cf0a313446d16c97844531ef427cdcb *mgwz.dll
f759b6582689782067306ffd39a43b9c4baeba87 *mingwm10.dll

Verify latest official RC

Get the latest official RC source and the related and signature from http://www.boxbackup.org/trac/wiki/BetaReleases as follows:


$ wget http://www.boxbackup.org/svn/box/packages/boxbackup-0.11rc2.tgz
$ wget http://www.boxbackup.org/svn/box/packages/boxbackup-0.11rc2.tgz.asc

The required key (for Chris Wilson) is missing, so we import it from the key server

$ gpg --keyserver x-hkp://pgp.mit.edu --recv-keys 0xD847F866

$ gpg --verify boxbackup-0.11rc2.tgz.asc
gpg: Signature made 01/29/08 01:59:49 using DSA key ID D847F866
gpg: Good signature from "Chris Wilson "
gpg: Note: This key has expired!
Primary key fingerprint: B8AF 6C4E 6718 EB9F 4C5D 3992 5FE2 E5B0 D847 F866

$ sha1sum.exe boxbackup-0.11rc2.tgz
9ba640b1c1f2531214a54273396f8cf932d17782 *boxbackup-0.11rc2.tgz

More details on integrity checking are available here:

Installing GPG

Get GnuPG from ftp://ftp.gnupg.org/gcrypt/binary/gnupg-w32cli-1.4.9.exe and the corresponding signature from ftp://ftp.gnupg.org/gcrypt/binary/gnupg-w32cli-1.4.9.exe.sig Then we check that the install works by verifying the GnuPG signature: this is only a test and does not establish authenticity of GPG, since you are asking the program to verify itself!


$ gpg --verify gnupg-w32cli-1.4.9.exe.sig
gpg: Signature made 03/26/08 18:51:54 using RSA key ID 1CE0C630
gpg: Can't check signature: public key not found

The required key is missing, so we import it from the key server

$ gpg --keyserver x-hkp://pgp.mit.edu --recv-keys 0x1CE0C630
gpg: NOTE: you should run 'diskperf -y' to enable the disk statistics
gpg: requesting key 1CE0C630 from hkp server pgp.mit.edu
gpg: C:/Documents and Settings/achimlatz/Datos de programa/gnupg\trustdb.gpg: trustdb created
gpg: key 1CE0C630: public key "Werner Koch (dist sig) " imported
gpg: no ultimately trusted keys found
gpg: Total number processed: 1
gpg: imported: 1 (RSA: 1)

Now the verification works

$ gpg --verify gnupg-w32cli-1.4.9.exe.sig
gpg: Signature made 03/26/08 18:51:54 using RSA key ID 1CE0C630
gpg: Good signature from "Werner Koch (dist sig) "
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 7B96 D396 E647 1601 754B E4DB 53B6 20D0 1CE0 C630

SHA1

Get SHA1sum from ftp://ftp.gnupg.org/gcrypt/binary/sha1sum.exe

Compare the result of the .exe's SHA1 with the one printed on the web page: this DOES make sure that you GnuPG binary is authentic:

$ sha1sum.exe gnupg-w32cli-1.4.9.exe
c2efad983dfe50e6d8007257bad2c76604be389a gnupg-w32cli-1.4.9.exe