From Wikipedia, the free encyclopedia
  (Redirected from Sha256sum)
Jump to navigation Jump to search

sha1sum is a computer program that calculates and verifies SHA-1 hashes. It is commonly used to verify the integrity of files. It (or a variant) is installed by default in most Unix-like operating systems.[citation needed] Variants include shasum (which permits SHA-1 through SHA-512 hash functions to be selected manually), sha224sum, sha256sum, sha384sum and sha512sum, which use a specific SHA-2 hash function, and sha3sum (which permits SHA-3 through SHA3-512, SHAKE, RawSHAKE and Keccak functions to be selected manually). Versions for Microsoft Windows also exist, and the ActivePerl distribution includes a perl implementation of shasum. On FreeBSD this utility is called sha512 and contains additional features.

The SHA-1 variants are proven vulnerable to collision attacks, and users should use for example a SHA-2 variant such as sha256sum instead to prevent tampering by an adversary.[1][2]

It is included in GNU Core Utilities,[3] Busybox[4] and Toybox.[5]


To create a file with an sha1 hash in it, if one is not provided:

$ sha1sum filename [filename2] ... > SHA1SUM

If distributing one file, ".sha1" may be appended to the filename e.g.:

$ sha1sum my-zip.tar.gz > my-zip.tar.gz.sha1

The output contains one line per file of the form "{hash} SPACE ASTERISK [{directory} SLASH] {filename}". For example:

$ sha1sum -b my-zip.tar.gz
d5db29cd03a2ed055086cef9c31c252b4587d6d0 *my-zip.tar.gz
$ sha1sum -b subdir/filename2
55086cef9c87d6d031cd5db29cd03a2ed0252b45 *subdir/filename2

To verify the file was downloaded correctly:

$ sha1sum -c SHA1SUM
filename: OK
filename2: OK
$ sha1sum -c my-zip.tar.gz.sha1
my-zip.tar.gz: OK

Hash file trees[edit]

sha1sum can only create checksums of one or multiple files inside a directory, but not of a directory tree, i.e. of subdirectories, sub-subdirectories, etc. and the files they contain. This is possible by using sha1sum in combination with the commands find and xargs (and optionally with sort so that the files are sorted in the checksum file). sha1deep can create checksums of a directory tree.

You can also use sha1sum with exec:

$ find s_* -type f -exec sha1sum {} \;

65c23f142ff6bcfdddeccebc0e5e63c41c9c1721  s_1/file_s11
d3d59905cf5fc930cd4bf5b709d5ffdbaa9443b2  s_2/file_s21
5590e00ea904568199b86aee4b770fb1b5645ab8  s_a/file_02
51e612c2f909769a5b652417084e94a3a9d6c658  s_a/file_01

See also[edit]


  1. ^ Bruce Schneier. "Cryptanalysis of SHA-1". Schneier on Security.
  2. ^
  3. ^
  4. ^
  5. ^

External links[edit]