From Wikipedia, the free encyclopedia
Jump to: navigation, search

sha1sum is a computer program that calculates and verifies SHA-1 hashes. It is commonly used to verify the integrity of files. It (or a variant) is installed by default in most Unix-like operating systems. Variants include shasum (which permits SHA-1 through SHA-512 hash functions to be selected manually) and sha224sum, sha256sum, sha384sum and sha512sum, which use a specific SHA-2 hash function. Versions for Microsoft Windows also exist, and the ActivePerl distribution includes a perl implementation of shasum. On FreeBSD this utility is called 'sha512' and contains additional features.

The SHA-1 variants are considered vulnerable to collision attacks, and users should use for example a SHA-2 variant such as sha256sum instead if used for the purpose of preventing tampering by an adversary.[1]


Several source code management systems, including Git, Mercurial, Monotone, and Fossil, use the sha1sum of various types of content (file content, directory trees, ancestry information, etc.) to uniquely identify them.


To create a file with an sha1 hash in it, if one isn't provided execute:

$ sha1sum filename [filename] ... > SHA1SUM

if you are distributing one file you can append ".sha1" to the filename e.g.:

$ sha1sum my-zip.tar.gz > my-zip.tar.gz.sha1

To verify the file was downloaded correctly you can execute:

$ sha1sum -c SHA1SUM
filename: OK
filename...: OK


$ sha1sum -c my-zip.tar.gz.sha1
my-zip.tar.gz: OK


Hash file trees[edit]

sha1sum can only create checksums of one or multiple files inside a folder, but not of a folder tree, i.e. of sub folders, sub-sub folders, etc. and the files they contain. This is possible by using sha1sum in combination with the commands find and xargs (and optionally with sort so that the files are sorted in the checksum file).

Example 1 - Prints hashes on the screen (replace path/to/folder with the path that you want to hash)

 find path/to/folder -type f -print0 | sort -z | xargs -0 sha1sum

Example 2 - Saves hashes to a file (replace path/to/folder with the path that you want to hash) and filename.sha1 with the output filename that the hashes should be written to)

 find path/to/folder -type f -print0 | sort -z | xargs -0 sha1sum > filename.sha1

See also[edit]


  1. ^ Bruce Schneier. "Cryptanalysis of SHA-1". Schneier on Security. 

External links[edit]