Perform a Checksum in the Ubuntu Command Line

Want to check whether the downloaded file is corrupted or not? The easiest way is to verify its checksum.

In simple terms, the checksum can be considered a digital fingerprint of a file made up of characters and numbers.

You will find checksums while downloading files from the internet such as software packages, ISO files, etc.

So let's jump to the 'how to' part.

Perform a Checksum in the Ubuntu command line

There are various types of checksum algorithms available but you will find the implementation of the following two in most cases:

• Secure Hash Algorithms (SHA-1, SHA-2, etc).
• MD5 Algorithm.

And in this guide, I will be discussing both of them. So let's get started with the SHA.

Verify SHA256 Checksum in Ubuntu

In this guide, I'm going to use the Fedora ISO file, and the end checksum result should be the following:

9c69005baafdba6e4ff04c1cf4779121b7fc9aacab80b4633394576da336a515

And if you are curious how I ended up with the above checksum, I found this on the downloads (which you'll too).

I have saved this checksum in the file named SHA256 that I'll be using in the later part of this tutorial to test the integrity.

First, let's check the checksum of the downloaded ISO by using the sha256sum command:

sha256sum TargetFile

A 65-character long string and the filename are separated by space.

Sure, you can check by yourself manually but that's not the way I'd go.

First, let's save the SHA256 checksum to the file by redirecting the output:

sha256sum TargetFile | awk '{print $1}' > Filename

By default, the sha256sum will also add the filename to the file which was unnecessary for my task so that's why I used the awk command to remove that part.

I saved the SHA256 checksum to the file named Fedora_SHA:

sha256sum Fedora-Workstation-Live-x86_64-37-1.7.iso | awk '{print $1}' > Fedora_SHA

Now, I will use the diff command to check the contents of Fedora_SHA and SHA256 (file containing the SHA256 checksum from the website).

diff -qs Fedora_SHA SHA256

Here,

• -q will report only when files do not match.
• -s will report when two files are the exactly same.

And in my case, it showed that both SHA256 checksums are the same.

Verify MD5 Checksum in Ubuntu

The intended MD5 string should be:

f7aadc0d77fc8824f00c2c13c8299c39

And I have saved this sting in the file named MD5 which will be used to compare the two MD5 sums.

Now, let's use the md5sum command to generate the md5 checksum:

md5sum TargetFile

Now, let's redirect this output and save it to the file to proceed with compression:

md5sum TargetFile | awk '{print $1}' > Filename

Here, I saved the md5 checksum to the file named Fedora_MD5:

md5sum Fedora-Workstation-Live-x86_64-37-1.7.iso | awk '{print $1}' > Fedora_MD5

Now, I will be using the diff command with the same options that I did earlier to compare the two files: Fedora_MD5 and MD5 (file containing the checksum from the website to check authenticity):

diff -sq Fedora_MD5 MD5

And as you can see, the md5 checksum is matched! This means, the file is not corrupted and can be used without any hesitation.

Wrapping Up

This guide was specifically made for terminal users but if you want to use GUI, you can refer to the other guide that includes how you can verify checksum using GUI (the easy way).

And if you have any doubts our having issues while executing the commands, let me know in the comments.