Kernel 3: Get the Source Code


Note that the cleanest source code will not be RPMs or other pre-packaged units; the cleanest source code will be raw code packaged as tarballs.

However, RPMs (etc.) sometimes contain patches your system will need (if it’s Fedora, for instance). If you get RPMs, note that you’re likely to need two files, the kernel source and the necessary header files. Tarballs will (usually) have all this already.

Also be sure you do NOT get an RPM with “patch” in the name, unless you specifically want to patch your existing kernel from an immediately previous version. Patches are much smaller, but are NOT complete kernel source code.

You should be downloading a package of about 20-40 MB.


Get the signature file and fingerprint

NOTE that you should also download the signature file along with the tarball. It will have the same name as the tarball, with .sign on the end. See The Linux Kernel Archives OpenPGP Signature (

Also copy and save the key fingerprint, which will be this or similar:

Key fingerprint = C75D C40A 11D7 AF88 9981 ED5B C86B A06A 517D 0F0E

Note that (almost) universally, when you see a “0” it’s a zero, not the letter O (“oh”).


Get and import the key

You must import the key. This key is available from most common PGP key servers, such as If you get the key from this HTML page, copy the text beginning with:


and ending with:


to a text file named 517D0F0E. Or, you can request it directly from the keyserver using GnuPG:

gpg –keyserver –recv-keys 0x517D0F0E

If the keyserver times out, get the key from the page linked above. Keyservers do get overwhelmed.

Then issue the command:

gpg –import 517D0F0E


Verify the signature

Use GnuPG to use the signature to verify the tarball:

gpg –verify linux- linux-

You may get messages (or variants) like this:

gpg: Signature made Mon Oct 9 23:48:38 2000 PDT using DSA key ID 517D0F0E
gpg: Good signature from “Linux Kernel Archives Verification Key <>”

Could not find a valid trust path to the key. Let’s see whether we
can assign some missing owner trust values.

No path leading to one of our keys found.

gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.

For the time being, don’t worry about these. However, the last line should be something like this:

Primary key fingerprint: C75D C40A 11D7 AF88 9981 ED5B C86B A06A 517D 0F0E

This number should match the fingerprint number you saved above. If it doesn’t, stop right here and get the kernel source from some other, presumably uncompromised, location!


Where To Put The Source Code

Download,copy or move your source code (in whatever form) into /usr/src/.

This directory is likely already to have a directory named linux! If it does, rename this directory before unpacking your tarball. Command:

tar zxvf ./linux- #update this
#to match the version you get

Don’t forget that the tab key lets you expand a long file name without typing the whole thing. If you got a bzipped tarball rather than the usual gzipped tarball, you’ll need:

tar xvf ./linux- –use-compress-program bzip2
or, more succinctly:
tar jxfv ./linux-

Once you’ve done this, run an ls and note the name of your new directory. Rarely it will be may be “linux;” more commonly it will be “linux-”.

At this point you’ll need to create a symlink to this directory. Command:

ln -s /usr/src/linux<new version> /usr/src/linux

This isn’t mandatory; you’ll just need it to keep from going insane. For an example why, change to this directory now.