The checksum is like a fingerprint for the file. A file is processed through a known algorithm which results in the checksum, a.k.a “hash”, which is a string of letters and numbers unique to that file, e.g. 8ab686eafeb1f44702738c8b0f24f2567c36da6d.
If the file is modified, the resulting checksum will be different. This allows a quick way to ensure a file has not be modified.
Often when a webpage includes a link to download a file, the checksum will also be listed. This gives the downloader a way to confirm they downloaded the intended file (not a malicious modified version instead).
There are different algorithms that can be used to determine a checksum. Currently, the SHA-256 and SHA-512 are the most popular algorithm to use. Some older and less secure algorithms include SHA-1 and md5.
From the command line, we can find the checksum for a file with the following commands:
SHA-256 Checksum
shasum -a 256 <filename>
e.g.
shasum -a 256 myfile.zip
SHA-512 Checksum
shasum -a 512 <filename>
e.g.
shasum -a 512 myfile.zip
SHA-1 Checksum
shasum -a 1 <filename>
or
shasum <filename>
e.g.
shasum -a 1 myfile.zip
or
shasum myfile.zip
MD5 Checksum
md5 <filename>
e.g.
md5 myfile.zip
Leave a Reply