How to use the command 'sha256sum' (with examples)
The command ‘sha256sum’ is used to calculate the SHA256 cryptographic checksums of files. SHA256 is a widely used cryptographic hash function, and calculating the checksum helps ensure the integrity and authenticity of files. The checksum is a unique value that is generated based on the contents of the file, and any changes to the file will result in a different checksum.
Use case 1: Calculate the SHA256 checksum for one or more files
Code:
sha256sum path/to/file1 path/to/file2 ...
Motivation: This use case is helpful when you want to quickly calculate the checksum of one or more files and verify their integrity. For example, before transmitting files over an insecure network or storing them for long-term archiving, calculating the checksum provides a way to verify the files have not been tampered with.
Explanation: The command ‘sha256sum’ is followed by the paths of the files for which you want to calculate the checksum. You can provide one or more file paths as arguments.
Example output:
eb4e8134e95d725f808a00b7d5f0d0021f4f06ead3e105e668d1f53babf9a5a2 path/to/file1
d41577a2a07dc5fcdad152ed94bbca610d08e3019a70323e55a7cf9855de4592 path/to/file2
Use case 2: Calculate and save the list of SHA256 checksums to a file
Code:
sha256sum path/to/file1 path/to/file2 ... > path/to/file.sha256
Motivation: Saving the list of SHA256 checksums to a file allows for easy verification in the future. This is useful when you have a large number of files and want to periodically check their integrity without recalculating the checksums each time.
Explanation: Similar to the previous use case, the command ‘sha256sum’ is followed by the file paths. However, the output is redirected to a file using the >
symbol followed by the desired file path.
Example output: The checksums are saved to the specified file.
Use case 3: Calculate a SHA256 checksum from stdin
Code:
command | sha256sum
Motivation: This use case is useful when you want to calculate the checksum of the output from another command or a pipeline. It allows for more flexibility in generating checksums.
Explanation: In this use case, the command whose output you want to calculate the checksum for is piped into ‘sha256sum’. The output of the command is then used as input for the checksum calculation.
Example output:
3b2b7b52ae2a5e9759a7e28998e84ef494523d85d9f41c9686e3b728f3d8e836 (stdin)
Use case 4: Read a file of SHA256 sums and filenames and verify all files have matching checksums
Code:
sha256sum --check path/to/file.sha256
Motivation: Verifying the integrity of files using a pre-calculated list of checksums is important, especially when multiple files are involved. This use case allows you to check whether the files have matching checksums, indicating that they have not been modified.
Explanation: The ‘–check’ flag indicates that you want to check the files against a pre-calculated list of checksums. The file containing the checksums and filenames is provided as an argument after ‘–check’.
Example output: The command will print either a success message indicating that all files have matching checksums or an error message indicating which files have failed the verification.
Use case 5: Only show a message for missing files or when verification fails
Code:
sha256sum --check --quiet path/to/file.sha256
Motivation: This use case is helpful when you only want to be notified if there are any missing files or if the verification fails. It reduces the output noise and makes it easier to identify potential issues.
Explanation: The ‘–quiet’ flag suppresses the normal output, and only error messages are displayed. Combined with the ‘–check’ flag, this allows you to check files against the checksums without seeing the details of the successful verifications.
Example output: Only error messages will be shown if there are missing files or if the verification fails.
Use case 6: Only show a message when verification fails, ignoring missing files
Code:
sha256sum --ignore-missing --check --quiet path/to/file.sha256
Motivation: Ignoring missing files during verification can be useful in situations where you expect some files to be missing or have been removed. This use case allows you to focus on the verification failures without being notified about missing files.
Explanation: The ‘–ignore-missing’ flag tells ‘sha256sum’ to skip files that are not found, and the ‘–quiet’ flag suppresses normal outputs. When combined with the ‘–check’ flag, this command will only display error messages for files with failed verifications.
Example output: Only error messages will be shown for files with failed verifications, while missing files will be silently ignored.