How to Verify SHA256 Checksum of File in Linux using sha256sum

The last week I intend to install Red Hat on my System. I was able to download and create a bootable device using the dd command without any hassle.

If you know, Red Hat has options to Test media & Install Red Hat Enterprises, so I have selected those options; while it’s verifying media, it shows the error of The file header checksum does not match computed checksum.

It literally slipped out of my mind to verify sha256sum, So I restarted my system, and when I validate, the checksum was different from what I downloaded.

Throughout this article, you will get to know What is SHA256 checksum, how to use sha256sum, and verify the downloaded ISO file.

Prerequisites

  • Terminal (non-sudoers can work perfectly)
  • Checksum file (It is necessary to validate)
  • File (Downloaded ISO file)

What is SHA256?

The SHA256 is part of the SHA2 family, and It stands for Secure Hash Algorithm and is developed by the United States National Security Agency.

If you split each word of SHA256, it depicts S for Secure, H as Hash values or Digest, and A as Algorithm with 256bits.

In short, SHA256 creates a hash or digest value of the file, and Once the file gets modified or tampered with, the original SHA256 digest value gets change.

What is SHA256 Checksum?

A checksum is a small piece of a file which contains a series of number and strings that can detect the file has been comprised while downloading from the Internet.

You can verify checksum with the checksum utility tool. For that, you should have the original checksum file to match.

How to Generate and Verify SHA256 Checksum with sha256sum

We can verify checksum using GUI applications and through command-line utility sha256sum, but in this article. We will cover the only sha256sum tools to check file authenticity.

A sha256sum is part of GNU Coreutils, so you do not need to perform any Installation.

To continue with this guide, you need to download a checksum. For this guide, I have already downloaded OpenSUSE Leap 15.2 Offline Image; now I need to Download Checksum.

Most of the Distributions provide checksum files to Download along with ISO files, so make to get Downloaded.

Download checksum

You can use wget command to Download the checksum file and move it to a folder where the ISO file is stored

$ wget https://download.opensuse.org/distribution/leap/15.2/iso/openSUSE-Leap-15.2-DVD-x86_64.iso.sha25

Once the checksum file is downloaded, we are ready to generate Checksum using the below command:

$ sha256sum openSUSE-Leap-15.2-DVD-x86_64.iso

0fd2d4e630b6579b933b5cb4930a8100acca6b4e29cd2738c4b7a9b2f76d80e4  openSUSE-Leap-15.2-DVD-x86_64.iso

After this, compare the checksum with the Downloaded checksum file. To check integrity, pass the following command with a parameter -c and provide a downloaded checksum file.

$ sha256sum -c openSUSE-Leap-15.2-DVD-x86_64.iso.sha256

openSUSE-Leap-15.2-DVD-x86_64.iso: OK
sha256sum: WARNING: 14 lines are improperly formatted 

We received the output ‘OK’, Which means the file has not been tampered or corrupted while downloading a file.

If you received the output ‘FAILED’, It means the file has been tampered or corrupted while downloading, so you need to download the file again; otherwise, you will not be able to install Respective Distributions.

To get more information about sha256sum read man page using the below command:

$ man sha256sum

Wrap-up

That’s all my friend to generate and verify checksum using sha256sumIn case you need some assistance from my end, feel free to comment Down.

Check out How to Install OpenSUSE Leap 15.2

If you want to share some feedback or any topic feel free to comment down.

Leave a Reply