Home > Package & System Management > sha256sum

sha256sum: Calculate and Verify SHA256 Checksums

The sha256sum command is used to calculate the SHA256 hash value of a file or to verify the integrity of a file by comparing it against a pre-generated hash file. This is essential for ensuring file reliability in various scenarios, such as checking for file corruption after data transfer or verifying the integrity of downloaded software files.

Overview

sha256sum is used to generate or verify the SHA256 hash of files. SHA256 is a one-way cryptographic hash function, meaning that even a small change in the input will produce a completely different hash value, and it is extremely difficult to deduce the original data from the hash value. This is crucial for confirming that files have not been altered or corrupted during transmission.

Key Features

  • File Integrity Verification: Ensures that a file is identical to its original.
  • Data Tampering Detection: Identifies malicious modifications or corruption.
  • Security: SHA256 is considered a secure hash algorithm to date.
  • Cross-Platform Compatibility: Available by default on most Linux/Unix systems.

Key Options

Here are the main options for the sha256sum command.

Operation Modes

Verification Related

Generated command:

Try combining the commands.

Description:

`sha256sum` Executes the command.

Combine the above options to virtually execute commands with AI.

Usage Examples

Here are various examples of how to use the sha256sum command.

Generate SHA256 Checksum for a Single File

sha256sum my_document.txt

Calculates the SHA256 checksum for a specified file and displays it to standard output.

Generate SHA256 Checksums for Multiple Files

sha256sum file1.txt file2.zip

Calculates the checksums for multiple files at once.

Save Checksums to a File

sha256sum important_data.tar.gz > checksums.sha256

Saves the calculated checksums and filenames to a file named `checksums.sha256`. This file can be used later for integrity verification.

Verify a Saved Checksum File

sha256sum -c checksums.sha256

Verifies the integrity of `important_data.tar.gz` using the previously generated `checksums.sha256` file. If all files match, an 'OK' message will be displayed.

Generate Checksum from Standard Input

echo 'Hello World' | sha256sum

Calculates the SHA256 checksum for data piped through standard input.

Ignore Missing Files During Verification

sha256sum -c --ignore-missing checksums.sha256

Continues verification without raising an error, even if some files listed in the checksum file are not present in the current directory.

Tips & Precautions

Useful tips and precautions when using the sha256sum command.

Security Considerations

  • Securely Store Checksum Files: The checksum file itself must be stored securely, as its alteration would render the integrity verification meaningless.
  • Prefer SHA256 over MD5: MD5 has known vulnerabilities to collision attacks. For security-sensitive applications, SHA256 or stronger hash algorithms are recommended.

Creating and Verifying Checksum Files

To create a checksum file, use redirection like `sha256sum [file] > [checksum_file]`. To verify, use the `sha256sum -c [checksum_file]` option. The verification results will indicate 'OK' or 'FAILED' for each file.

Same category commands

acl

ACL: Access Control List Management

anacron

anacron: Run periodic commands when the system is not running

ansible

ansible: Remote Server Management and Automation

apropos

apropos: Search Manual Pages

apt

APT (Advanced Package Tool) Command Guide