For me, it’s not enough to verify the integrity of an ISO – I also have to verify its authenticity (or at least verify the checksum file) with GPG. I don’t know why, but just need to see that “Good signature” message before I feel safe installing Linux.
I notice, though, that the download pages of some prominent distros (Pop_OS!, openSUSE, etc) just give you a checksum, probably because they feel that anything else is unnecessary. This makes me shy away from installing them, which is a shame because I’d like to give some of those distros a try on bare metal.
Am I being paranoid when it comes to installing Linux?
GPG keys are hosted on separate websites not on the distro’s website, and also replicated (there are multiple GPG key registries) and if you have previously used a GPG key you already have it.
So now let’s see. With just checksum, the attacker that wants you to download their malware-riddled ISO just has to break into the distro’s website and change the checksum in one place. If they managed to break in and change the ISO there’s a good chance they can break in to change the checksum too.
On the other hand, if the distro publishes a GPG signature, the attacker would have to compromise all the GPG registries and may still fail if you already had the good key.
Even if they managed to do that, if the key is used to sign other downloads, that the attacker hasn’t changed, now the signature check will start failing for those, alerting other people.
It’s just a lot harder to falsify downloads signed with GPG than just checksums.