Linux Generate Checksums and Verify Data Integrity

The checksum is used to verify the correctness of a file. It can be described as a digital fingerprint of a file. By verifying the Checksum value we can determine the correctness of a file while it's been transferred from one location to another. The checksum is a long string of data containing various letters and numerals. All popular software downloading websites provides a checksum value for the downloaded file with which we can confirm our data by verifying the checksum value.

Generating Checksums

A checksum is generated by a checksum algorithm. It generates a checksum value by taking the file as input. MD5 and SHA (Secure Hash Algorithms) are the most popular algorithms used for generating the checksums

Command-line Checksum tools

Almost all Linux distribution provides the command line tools for various checksum algorithms. You can generate and verify checksum with them. Some of the standard command-line checksum tools used nowadays are the followings:

MD5 checksum tool is called: md5sum
SHA-1 checksum tool is called: sha1sum
SHA-256 checksum tool is called: sha256sum
SHA-384 checksum tool is called: sha384sum
SHA-224 checksum tool is called: sha224sum
SHA-512 checksum tool is called: sha512sum


Let's see some of the examples on using these command line tools for generating the checksum values.

I've created one of test index file called index.html. Let's generate the checksum value for this file using these above tools.


MD5 is an algorithm that is used to verify data integrity through the creation of a 128-bit message digest from a data input that is claimed to be as unique to that specific data as a fingerprint to a specific individual.You can see my test index file, I've generated the checksum value corresponding to this file using MD5 algorithm.

:~$ cat index.html
<center><h1>Welcome to our Checksum Testst</h1></center>

<center><p>{{My Linoxide Server}}</p></center>

$ md5sum index.html
c36f11e50d72d1a090e9ebab382994fa index.html


SHA-1 (Secure Hash Algorithm 1) is a cryptographic hash function designed by the United States National Security Agency. SHA-1 produces a 160-bit (20-byte) hash value known as a message digest. Please see the sha1 hash value for the same file.

~$ sha1sum index.html
e45d71387b61782e65f766dd11381762d00f9e15 index.html


SHA-2 is a family of two similar hash functions, with different block sizes, known as SHA-256 and SHA-512. They differ in the word size; SHA-256 uses 32-bit words whereas SHA-512 uses 64-bit words. There are also truncated versions of each standard, known as SHA-224, SHA-384, SHA-512/224 and SHA-512/256. SHA-256 algorithm generates an almost-unique, fixed size 256-bit (32-byte) hash. Hash is a one-way function, which cannot be decrypted back. We can generate the hash value using this SHA-256 algorithm for the same file using the command below:

~$ sha256sum index.html
b29c03bfe9851088349c170ec27f34a0c7869dfcbdfc2c42cd79fb0315e20eb6 index.html

$ sha512sum index.html
79e538a320e984bb3a0d32312140b37d6ac50bc1127edfd6027990955ef7fef499855d928caec index.html

$ sha224sum index.html
268729b7123abe0bd17fdf64402c27b4afa56be0ac3b869c8028798e index.html

$ sha384sum index.html

Verifying a file using Checksum

We've already learned various techniques for generating the checksum values. Now we can learn how to verify the correctness of a file using the checksum methods. Let's download an ISO file from a website.

As you can see there will be a checksum value corresponding to any download file. Let's download our ISO sample file and check its correctness by comparing the checksum value for the downloaded file and the md5sum value on the website.

$ wget
-Saving to: ‘dsl-4.4.10.iso’

dsl-4.4.10.iso 100%[==================================================================>] 49.90M 218KB/s in 4m 8s

2017-02-08 21:52:39 (206 KB/s) - ‘dsl-4.4.10.iso’ saved [52328448/52328448]

$ md5sum dsl-4.4.10.iso
5cb7e0d4506c249b78bbe0cd4695b865 dsl-4.4.10.iso

You can confirm the correctness of your downloaded ISO by comparing the checksum value here. It appears to be same, which means you've downloaded the exact file. If you delete or change even one character from any one of the text files inside the iso image, the checksum algorithm will generate a totally different checksum value for that changed iso image. And that will definitely not match with the checksum provided on the download page.


You can make use of this Checksum method as a redundancy check to detect errors in data. Hence. ensure the integrity of data portions for data transmission or storage. I hope this article is useful for you. Please post your valuable comments and suggestions on this.

Leave a Comment