How to use the command `sha384sum` (with examples)
The sha384sum
command is a powerful tool for generating SHA-384 cryptographic checksums. This command is part of the GNU Core Utilities and is primarily used to ensure data integrity and verify file authenticity. By generating a unique cryptographic hash for files, sha384sum
can help detect any modifications or corruptions that may have occurred either during data transfer or storage. The SHA-384 algorithm offers a higher level of security than its predecessors, making it ideal for more robust checksum verification.
Calculate the SHA384 checksum for one or more files
Code:
sha384sum path/to/file1 path/to/file2 ...
Motivation:
When handling multiple files, it is crucial to ensure that all content remains unaltered across various processes. By computing the SHA-384 checksums, one can easily verify if the files have been tampered with or corrupted over time. This use case is especially useful for developers and system administrators who need to maintain the integrity of software packages, large datasets, or other critical files.
Explanation:
sha384sum
: Invokes the command to calculate SHA-384 hash values.path/to/file1 path/to/file2 ...
: Specifies the paths to the files for which the checksums are to be calculated. This can be one or multiple files.
Example Output:
b2e98ad6... path/to/file1
7e6a872b... path/to/file2
Each line comprises the SHA-384 checksum followed by the corresponding file name.
Calculate and save the list of SHA384 checksums to a file
Code:
sha384sum path/to/file1 path/to/file2 ... > path/to/file.sha384
Motivation:
In scenarios where you need to persist the checksums for later comparison or logging, saving the output to a file is advantageous. It allows for record-keeping of checksums for audit purposes or for future verification needs without recalculating the checksum every time.
Explanation:
sha384sum
: Executes the command to generate SHA-384 checksums.path/to/file1 path/to/file2 ...
: Corresponding files for which checksums are generated.>
: Redirects output to a specified file.path/to/file.sha384
: The target file to store computed checksums and file associations.
Example Output:
(Saved in path/to/file.sha384
)
b2e98ad6... path/to/file1
7e6a872b... path/to/file2
The redirected output includes checksums and filenames, much like direct console output.
Calculate a SHA384 checksum from stdin
Code:
command | sha384sum
Motivation:
Piping the output of a command directly into sha384sum
allows users to verify the integrity of data generated or transferred through streams. This is particularly useful for scripts or command-line operations where output is ephemeral and not stored in traditional files.
Explanation:
command
: Any shell command or script, the output of which needs verification.|
: The pipe operator that directs the output ofcommand
intosha384sum
.sha384sum
: Calculates the SHA-384 checksum of the data received from the pipeline.
Example Output:
b109f3b1... -
The checksum corresponds to the streamed input, with -
indicating the source from stdin.
Read a file of SHA384 checksums and filenames and verify all files have matching checksums
Code:
sha384sum --check path/to/file.sha384
Motivation:
Verification of file integrity over time or after data transmission is critical. By storing SHA-384 checksums in a file and later verifying them, users can confirm that files have not been altered since the checksums were initially created.
Explanation:
sha384sum
: Initiates the command to verify checksums.--check
: Option to verify file integrity against predefined checksums.path/to/file.sha384
: The file containing prior calculated checksums for various files.
Example Output:
path/to/file1: OK
path/to/file2: OK
Each line confirms the integrity of a file by reporting “OK” if the checksum matches.
Only show a message for missing files or when verification fails
Code:
sha384sum --check --quiet path/to/file.sha384
Motivation:
In environments where multiple files are validated, it is often unnecessary or cumbersome to see every verification message, especially for successful checks. By showing messages only for errors, the command output is streamlined, letting users focus on potential issues.
Explanation:
sha384sum
: Triggers the checksum verification process.--check
: Specifies file verification.--quiet
: Limits output to errors, reducing noise from successful checks.path/to/file.sha384
: The checksum file containing the expected results.
Example Output:
path/to/file2: FAILED
Output will only surface when unverified files are detected or if files are missing.
Only show a message when verification fails, ignoring missing files
Code:
sha384sum --ignore-missing --check --quiet path/to/file.sha384
Motivation:
In real-world scenarios, some files may no longer be required or are intentionally removed; therefore, it is useful to focus only on files that fail validation without reporting missing ones. This approach aids in managing information clutter within checks.
Explanation:
sha384sum
: Runs the command for checksum verification.--ignore-missing
: Ignores files listed in the checksum file that can’t be found.--check
: Checks file integrity.--quiet
: Ignores successful verifications in output.path/to/file.sha384
: File with checksums for comparison.
Example Output:
path/to/file3: FAILED
Error output is minimized strictly to mismatched checksums.
Check a known SHA384 checksum of a file
Code:
echo known_sha384_checksum_of_the_file path/to/file | sha384sum --check
Motivation:
To verify the integrity of a single file against a known valid checksum, directly comparing the expected checksum against the computed one ensures immediate and accurate verification. This is highly beneficial when a specific file’s checksum is documented and must match exactly.
Explanation:
echo
: Outputs a predefined line format with a checksum and file name.known_sha384_checksum_of_the_file
: Placeholder for the known checksum value.path/to/file
: File to verify against the known checksum.|
: Pipes the output from the echo command tosha384sum
.sha384sum --check
: Verifies file’s authenticity using the proposed checksum.
Example Output:
path/to/file: OK
Affirms the file’s integrity through matching checksums.
Conclusion:
The sha384sum
command serves as a crucial utility for ensuring data integrity and validating the authenticity of files across numerous platforms and scenarios. By leveraging different command options, users have extensive flexibility in managing checksum processes, allowing precise and effective verification practices.