Get file hash linux

An introduction to hashing and checksums in Linux

Photo by Markus Spiske from Pexels

The chances are that you’ve seen references to hashes or checksums when you’ve downloaded software from the Internet. Often, the software will be displayed, and then near the link is a checksum. The checksum may be labeled as MD5, SHA, or with some other similar name. Here is an example using one of my favorite old games from the 1990s named Nethack:

Many people don’t know exactly what this information means or how to work with it. In this article, I discuss the purpose of hashing, along with how to use it.

Goals of cryptography

In this first section, I want you to unlearn something. Specifically, I want you to break the association in your head between the word encryption and the word confidential. Many of us conceive of these two words as being synonymous when that is actually not the case. Cryptography, which includes encryption, can provide confidentiality, but it can also satisfy other goals.

Cryptography actually has three goals:

• Confidentiality — to keep the file content from being read by unauthorized users
• Authenticity — to prove where a file originated
• Integrity — to prove that a file has not changed unexpectedly

Linux security

It is that third concept, integrity, that we are interested in here. In this context, integrity means to prove that data has not changed unexpectedly. Proving integrity is useful in many scenarios:

• Internet downloads such as Linux distributions, software, or data files
• Network file transfers via NFS, SSH, or other protocols
• Verifying software installations
• Comparing a stored value, such as a password, with a value entered by a user
• Backups that compare two files to see whether they’ve changed

What is hashing?

Cryptography uses hashing to confirm that a file is unchanged. The simple explanation is that the same hashing method is used on a file at each end of an Internet download. The file is hashed on the web server by the web administrator, and the hash result is published. A user downloads the file and applies the same hash method. The hash results, or checksums, are compared. If the checksum of the downloaded file is the same as that of the original file, then the two files are identical, and there have been no unexpected changes due to file corruption, man-in-the-middle attacks, etc.

Hashing is a one-way process. The hashed result cannot be reversed to expose the original data. The checksum is a string of output that is a set size. Technically, that means that hashing is not encryption because encryption is intended to be reversed (decrypted).

What kind of hash cryptography might you use with Linux?

Message Digest and Secure Hash Algorithm

In Linux, you’re likely to interact with one of two hashing methods:

These cryptography tools are built into most Linux distributions, as well as macOS. Windows does not typically include these utilities, so you must download them separately from third party vendors if you wish to use this security technique. I think it’s great that security tools such as these are part of Linux and macOS.

Message Digest versus Secure Hash Algorithm

What’s the difference between the message digest and secure hash algorithms? The difference is in the mathematics involved, but the two accomplish similar goals. Sysadmins might prefer one over the other, but for most purposes, they function similarly. They are not, however, interchangeable. A hash generated with MD5 on one end of the connection will not be useful if SHA256 is used on the other end. The same hash method must be used on both sides.

SHA256 generates a bigger hash, and may take more time and computing power to complete. It is considered to be a more secure approach. MD5 is probably good enough for most basic integrity checks, such as file downloads.

Where do you find hashing in Linux?

Linux uses hashes in many places and situations. Checksums can be generated manually by the user. You’ll see exactly how to do that later in the article. In addition, hash capabilities are included with /etc/shadow , rsync , and other utilities.

For example, the passwords stored in the /etc/shadow file are actually hashes. When you sign in to a Linux system, the authentication process compares the stored hash value against a hashed version of the password you typed in. If the two checksums are identical, then the original password and what you typed in are identical. In other words, you entered the correct password. This is determined, however, without ever actually decrypting the stored password on your system. Check the first two characters of the second field for your user account in /etc/shadow . If the two characters are $1, your password is encrypted with MD5. If the characters are $5, your password is encrypted with SHA256. If the value is $6, SHA512 is being used. SHA512 is used on my Fedora 33 virtual machine, as seen below:

How to manually generate checksums

Using the hash utilities is very simple. I will walk you through a very easy scenario to accomplish on a lab computer or whatever Linux system you have available. The purpose of this scenario is to determine whether a file has changed.

First, open your favorite text editor and create a file named original.txt with a line of text that reads: Original information.

Next, run the file through a hash algorithm. I’ll use MD5 for now. The command is md5sum . Here is an example:

Kubernetes and OpenShift

Notice the resulting checksum value. This value is large enough that it’s difficult to work with. Let’s store that value for future use by redirecting it into a file:

At this point, you have an original file. Copy that file to the /tmp directory with the name duplicate.txt . Copy the file by using the following command (be sure to copy, not move):

Run the following command to create a checksum of the copied file:

Next, append the hash result to our hashes.txt file and then compare the two. Be very careful to use the >> append redirect operator here, because > will overwrite the hash value of the original.txt file.

Run the following command:

The two hash results are identical, so the file did not change during the copy process.

Next, simulate a change. Type the following command to change the /tmp/duplicate.txt file contents, and then rerun the md5sum command with the >> append operator:

You know that the duplicate.txt file is no longer identical to the original.txt file, but let’s prove that:

The two checksum values are not identical, and therefore the two files from which the checksums were generated are not identical.

In the above example, you manually compared the hash values by displaying them with cat . You can use the —check option to have md5sum do the comparison for us. I’ve included both methods below:

You can repeat the above steps substituting sha256sum for the md5sum command to see how the process works using the SHA algorithm. The sha256sum command also includes a —check checksum option that compares the resulting hashes and displays a message for whether the files differ.

Note: If you transfer files between Linux, macOS, and Windows, you can still use hashing to verify the files’ integrity. To generate a hash value on macOS, run the md5 command. To do this in Windows, you must download a third party program. Personally, I use md5checker. Be sure to understand licensing for these utilities. You may be able to use the PowerShell cmdlet get-filehash , depending on the version of PowerShell you have installed.

[ Free course: Red Hat Satellite Technical Overview. ]

Wrap up

Hashing confirms that data has not unexpectedly changed during a file transfer, download, or other event. This concept is known as file integrity. Hashing does not tell you what changed, just that something changed. Once hashing tells you two files are different, you can use commands such as diff to discover what differences exist.

Источник

Learn How to Generate and Verify Files with MD5 Checksum in Linux

A checksum is a digit which serves as a sum of correct digits in data, which can be used later to detect errors in the data during storage or transmission. MD5 (Message Digest 5) sums can be used as a checksum to verify files or strings in a Linux file system.

MD5 Sums are 128-bit character strings (numerals and letters) resulting from running the MD5 algorithm against a specific file. The MD5 algorithm is a popular hash function that generates 128-bit message digest referred to as a hash value, and when you generate one for a particular file, it is precisely unchanged on any machine no matter the number of times it is generated.

It is normally very difficult to find two distinct files that results in same strings. Therefore, you can use md5sum to check digital data integrity by determining that a file or ISO you downloaded is a bit-for-bit copy of the remote file or ISO.

In Linux, the md5sum program computes and checks MD5 hash values of a file. It is a constituent of GNU Core Utilities package, therefore comes pre-installed on most, if not all Linux distributions.

Take a look at the contents of /etc/group saved as groups.cvs below.

The md5sums command below will generate a hash value for the file as follows:

When you attempt to alter the contents of the file by removing the first line, root:x:0: and then run the command for a second time, try to observe the hash value:

You will notice that the hash value has now changed, indicating that the contents of the file where altered.

Now, put back the first line of the file, root:x:0: and rename it to group_file.txt and run the command below to generate its hash value again:

From the output above, the hash value is still the same even when the file has been renamed, with its original content.

Important: md5 sums only verifies/works with the file content rather than the file name.

The file groups_list.txt is a duplicate of groups.csv, so, try to generate the hash value of the files at the same time as follows.

You will see that they both have equal hash values, this is because they have the exact same content.

You can redirect the hash value(s) of a file(s) into a text file and store, share them with others. For the two files above, you can issues the command below to redirect generated hash values into a text file for later use:

To check that the files have not been modified since you created the checksum, run the next command. You should be able to view the name of each file along with “OK”.

The -c or —check option tells md5sums command to read MD5 sums from the files and check them.

Remember that after creating the checksum, you can not rename the files or else you get a “No such file or directory” error, when you try to verify the files with new names.

The concept also works for strings alike, in the commands below, -n means do not output the trailing newline:

In this guide, I showed you how to generate hash values for files, create a checksum for later verification of file integrity in Linux. Although security vulnerabilities in the MD5 algorithm have been detected, MD5 hashes still remains useful especially if you trust the party that creates them.

Verifying files is therefore an important aspect of file handling on your systems to avoid downloading, storing or sharing corrupted files. Last but not least, as usual reach us by means of the comment form below to seek any assistance, you can as well make some important suggestions to improve this post.

If You Appreciate What We Do Here On TecMint, You Should Consider:

TecMint is the fastest growing and most trusted community site for any kind of Linux Articles, Guides and Books on the web. Millions of people visit TecMint! to search or browse the thousands of published articles available FREELY to all.

If you like what you are reading, please consider buying us a coffee ( or 2 ) as a token of appreciation.

We are thankful for your never ending support.

Источник

Ubuntu Documentation

The program sha256sum is designed to verify data integrity using the SHA-256 (SHA-2 family with a digest length of 256 bits). SHA-256 hashes used properly can confirm both file integrity and authenticity. SHA-256 serves a similar purpose to a prior algorithm recommended by Ubuntu, MD5, but is less vulnerable to attack.

Comparing hashes makes it possible to detect changes in files that would cause errors. The possibility of changes (errors) is proportional to the size of the file; the possibility of errors increase as the file becomes larger. It is a very good idea to run an SHA-256 hash comparison check when you have a file like an operating system install CD that has to be 100% correct.

In terms of security, cryptographic hashes such as SHA-256 allow for authentication of data obtained from insecure mirrors. The SHA-256 hash must be signed or come from a secure source (such as a HTTPS page or a GPG-signed file) of an organization you trust. See the SHA-256 checksum file for the release you’re using under http://releases.ubuntu.com, such as http://cdimage.ubuntu.com/daily-live/current/SHA256SUMS . You should verify this file using the PGP signature, SHA256SUMS.gpg (such as http://cdimage.ubuntu.com/daily-live/current/SHA256SUMS.gpg ) as described in VerifyIsoHowto.

sha256

sha256sum on Linux

Most Linux distributions come with the sha256sum utility (on Ubuntu it is part of the coreutils package). We are going to use the Ubuntu 9.10 LiveDVD for the following example:

Check the iso file

Ubuntu distributes the SHA-256 checksum hashes in a file called SHA256SUMS in the same directory listing as the download page for your release http://releases.ubuntu.com.

Manual method

First open a terminal and go to the correct directory to check a downloaded iso file:

Then run the following command from within the download directory.

sha256sum should then print out a single line after calculating the hash:

Compare the hash (the alphanumeric string on left) that your machine calculated with the corresponding hash in the SHA256SUMS file.

When both hashes match exactly then the downloaded file is almost certainly intact. If the hashes do not match, then there was a problem with either the download or a problem with the server. You should download the file again from either the same mirror, or from a different mirror if you suspect a server error. If you continuously receive an erroneous file from a server, please be kind and notify the web-master of that mirror so they can investigate the issue.

Semi-automatic method

First download the SHA256SUMS and SHA256SUMS.gpg files to the same directory as the iso. Then run the following commands in a terminal.

The sha256sum line should output a line such as:

If the OK for your file appears, that indicates the hash matches.

Success

Once you have verified the sha256 hash, go ahead and burn the CD. You may want to refer to the BurningIsoHowto page.

Check the CD

So far so good, you have downloaded an iso and verified its integrity. When you boot from the CD you will be given the option to test its integrity. Great, but if the CD is corrupt then you have already wasted time rebooting. You can check the integrity of the CD without rebooting as follows.

Manual method

Check the calculated hash against UbuntuHashes as shown for the iso file above. Depending on your system, you may need to change cdrom to cdrom0 (or even cdrom1 if you have two CD drives).

Success?

Congratulations, you now have a verified Ubuntu CD. Go ahead and use it (or play frisbee with it if you want).

MD5SUM on Mac OS X

This should be updated by someone with access to a Mac.

There are three methods of using md5sumsum on an OS X machine.

Method 1 — The easiest (if MD5 is available) is using the Disk Utility program (Applications > Utilities, or by choosing «Utilities» from the Finder’s «Go» menu). Open Disk Utility and wait for it to gather information about your disks. Go to the directory where you downloaded the Ubuntu disk image, and drag it to Disk Utility’s dock icon (displays on the left-hand side of Disk Utility, underneath your physical drives). Select the iso file. Go to the «Images» menu and select Checksum > MD5. Be sure to choose «MD5» and NOT «MD5 image checksum» or «CRC-32 image checksum», as they are not the same and will give you different results.

Method 2 — If MD5 is not available in the Images > Checksum menu, open a terminal window (Applications > Utilities > Terminal.app). Type «md5», type a space, drag the iso file into the terminal window (appends command with iso file path), and press Enter. The command line returns the hash number.

Method 3 — You can use the Terminal.app and follow the instructions for SHA256SUM on Linux, except use the command «openssl md5» instead of «sha256sum».

Each method returns a hash number. Compare the hash number with the corresponding hash on the UbuntuHashes page. When both hashes match exactly, then the downloaded file is almost certainly intact.

If the hashes do not match, then there was a problem with either the download or a problem with the server. You should download the file again from either the same mirror, or from a different mirror if you suspect a server error. If you continuously receive an erroneous file from a server, please notify the web-master of that mirror so they can investigate the issue.

digest(1) on Solaris

Use the Solaris digest(1) command, specifying the sha256 algorithm with the -a flag. For instance:

SHA256SUM on Windows

This section also needs to be updated. Is there a sha256sum.exe file distributed by a reliable source? Is there a good GUI?

Windows does not come with sha256sum. You must download one from another location, preferably one that you trust. There are command line utilities that work similarly to the Unix utility; one public domain version with source is available from Fourmilab, but the version available from Cygwin is probably easier to install and update, and Cygwin is also recommended and trusted as the source for many more Unixy utilities. Once installed, Cygwin’s sha256sum behaves exactly as described in SHA256SUM on Linux above.

There are also graphical tools such as the one used in the walk-through provided below.

Download and install winSha256sum, a free and open source hash verification program.
Right-click the ISO file.

Click Send To, then winSha256sum.

Wait for winSha256sum to load and finish the checksum (this may take a significant amount of time depending on your computer’s performance).

Copy the corresponding hash from UbuntuHashes into the bottom text box.

Click «Compare»

A message box will say «MD5 Check Sums are the same» if the hashes are equal.

MD5SUM with «Checksums calculator»

«Checksums calculator” is an open source GUI application that has been developed to run on Windows, MacOS X and Linux operating systems on 32bit and 64bit architectures while is translated into 19 languages. It gives you the ability to calculate checksums of functions: md5, sha1, sha256, sha384 and sha512. It is very simple to use, after downloaded the zip file with the version that fits on your computer, doesn’t require any installation, just unzip it to any folder of your choice. Once you run it, select the file you want to calculate the checksum, then select the function and click the «Calculate» button. If you want to compare the result, in the field «Original checksum» give the checksum that you downloaded and click the «Compare» button. You can download the application here.

The program while is running under Windows 7 64bit.

The program while is running under Snow Leopard 10.6 32bit.

The program while is running under Ubuntu 10.04 64bit.

SHA256SUM on CD

I don’t know if there is now a sha256sum.txt file on the CD.

To see if your Ubuntu CD was corrupted when burned to the disk, see the CDIntegrityCheck page, or follow the instructions below.

First mount the CD, if not already mounted:

Then use the supplied sha256sum file on the CD:

Be patient, it takes some time. If the command outputs any errors, you’ll know that either the burn was bad or the .iso is corrupt. Please note that this method does not verify authenticity unless the hash of the iso file is compared to the hash at the secure UbuntuHashes page.

Finally, you can unmount the CD after leaving the folder:

SHA256SUM of burnt media

Depending on how you burn your ISOs you can check the burnt media directly. Start by checking that the ISO file is correct:

Now burn it from Nautilus (right-click, «Write to Disc . «). To check the media directly:

where «/dev/cdrom» is typically a soft-link to your CD/DVD reader/burner. Note that the checksum matches.

External Links

HowToSHA256SUM (последним исправлял пользователь anthony-geoghegan 2015-12-14 23:05:24)

The material on this wiki is available under a free license, see Copyright / License for details
You can contribute to this wiki, see Wiki Guide for details

Источник