How to check an .ISO MD5 and sha256 checksums

I always wondered why we couldn't just use a simple bash command line to verify that the downloaded packages have be corrupted or not. Under Debian and thus Ubuntu and other derivatives, the md5sum tool has to be installed and used for that purpose.

If your system doesn’t have md5sum (used in the example here) or another MD5 hash checking tool, then you will need to install one. There are a lot number in the web that you will find by searching for md5sum.

First open a terminal and go to the correct directory to check a downloaded .iso file:

$ cd /<>

Then run the following commands from within the download directory:

$ ls

Highlight & copy the whole name of the .iso file & paste it after the following command & hit the Enter key:

$ md5sum <name.iso>

md5sum should then print out a single line after calculating the hash, for example:

$ 8044d756b7f00b695ab8dce07dce43e5 <name>.iso

Compare the hash (the alphanumeric string on left) that your machine calculated with the corresponding hash from the download page of the .iso . If they match your download is not corrupt. If they don’t match you need to download the .iso again.

Save the previous printed line in a single text file and then check with md5sum -c <filename.iso.md5> command.

Entering the following in a console within a folder containing a correctly formed *.md5 and one ISO file will verify that the md5sum of the *.iso or other file, is the same as that specified in the *.md5 file:

$ md5sum -c <filename.iso.md5>

An example for the manjaro-xfce-0.8.8-i686.iso using manjaro-xfce-0.8.8-i686.iso.md5 file which should contain the following:

aaf7f906b476b08f87249e76200e6cb7 manjaro-xfce-0.8.8-i686.iso

  • Separated by 2 spaces

To checksums sha256 use sha256sum command:
Place the file containing the checksums in the same directory as your ISO file downloads, and then run in a terminal:

$ sha256sum --check $CHECKSUM-FILE

Make sure to pass the name of the *.sha256sum.txt file, and not the ISO file!

Alternative form in a single command line instruction:

Alternatively run this command in your terminal in the directory the iso was downloaded to verify the SHA256 checksum:

$ echo "<sha256key> *<filename>" | shasum -a 256 --check

You should get the following output:

$ <filename>: OK

*English post

0 comentarios:

Publicar un comentario