Download

<head><title>Download</title></head>
$!{decoration.custom.setAttribute("contentHeaderLogo", "../images/header-jump.jpg")}
#set( $H = '#' )

Download
-------

$H$H$H Sources

To download the source codes please follow the [Development](../documentation/development.html) documentation.


$H$H$H Binaries

$H$H$H$H Java 11 vs. Java 8

Since version 1.0.0, subshare supports Java 11 and all its JARs contain a <code>module-java.class</code>.

Subshare 1.0.0 works with Java 11 (and newer) only! Java 8 is *not* supported, anymore. Because of this,
we do not automatically update from subshare 0.x.

If you want to use subshare with Java 8, please download the newest 0.x-version, which you find
on the [releases](http://subshare.org/latest-stable/releases/) page.


$H$H$H$H Client (GUI)

* tar.gz (recommended)
	* [org.subshare.gui-${subshare_version}-bin.tar.gz](./org.subshare.gui-${subshare_version}-bin.tar.gz)
	* [OpenPGP signature](./org.subshare.gui-${subshare_version}-bin.tar.gz.sig)
* zip (if you really cannot open tar.gz files)
	* [org.subshare.gui-${subshare_version}-bin.zip](./org.subshare.gui-${subshare_version}-bin.zip)
	* [OpenPGP signature](./org.subshare.gui-${subshare_version}-bin.zip.sig)


$H$H$H$H Server

* tar.gz (recommended)
	* [org.subshare.server-${subshare_version}-bin.tar.gz](./org.subshare.server-${subshare_version}-bin.tar.gz)
	* [OpenPGP signature](./org.subshare.server-${subshare_version}-bin.tar.gz.sig)
* zip (if you really cannot open tar.gz files)
	* [org.subshare.server-${subshare_version}-bin.zip](./org.subshare.server-${subshare_version}-bin.zip)
	* [OpenPGP signature](./org.subshare.server-${subshare_version}-bin.zip.sig)

**Important:** Only stable versions are signed. It is thus normal that you get a 404 error when trying to download a signature
for a *SNAPSHOT* version. We simply do not sign snapshots. They are for testing only and should not be used productively,
anyway.


$H$H$H Verifying downloads via OpenPGP signatures

It is urgently recommended that you verify the downloaded binary files. If you don\'t, you might receive files with
undesired additional features - spying on you or otherwise abusing your computer.

To verify a file, simply download the corresponding *[OpenPGP](http://en.wikipedia.org/wiki/OpenPGP) signature* file.
Both files should be located in the same directory.

Then open a console, switch to the directory containing the downloads and verify them using these commands:

<div><pre>cd ~/Downloads
gpg org.subshare.gui-${subshare_version}-bin.tar.gz.sig
gpg org.subshare.server-${subshare_version}-bin.tar.gz.sig</pre></div>

Of course, you need the OpenPGP *public* key which was used for signing. The CodeWizards\' keys can be found
[here on the CodeWizards web-site](http://codewizards.co/site/current/about/contact.html).

After downloading a key (e.g. [0x4AB0FBC1.asc](https://www.codewizards.co/site/current/0x4AB0FBC1.asc)), you have to
import it into your local key ring.

With *gpg*, you can do this with the following command:

<div><pre>gpg --import 0x4AB0FBC1.asc</pre></div>

If you use a different OpenPGP implementation (i.e. not *gpg*), then please consult its documentation about importing keys
and verifying signatures.