+5 votes
586 views
Use the Linux terminal to verify the integrity of downloaded files

in Guides by (467k points)
reopened | 586 views

1 Answer

+3 votes
Best answer

What is the process of verifying the integrity of a file?
Tools to verify the integrity of files from the Linux terminal.
Checksum verification files with extension: .sfv, .crc, .md5, etc.
Practical example to better understand the verification process.
cksum
md5sum
sha256sum.
Cksfv tool: create and verify SFV lists.
Cfv tool: create and verify lists in different formats.

Some time ago we dedicated an article to how to verify the integrity of files in Windows , something that is relatively simple in this operating system. My problem was that once I reached the Linux terminal, I lost this functionality because I didn't know the different tools. This has motivated me to write this little tutorial where I will teach you to verify the integrity of files from the Linux terminal .

image

Specifically I will use the terminal in a Linux Ubuntu 16.04 operating system. I will use the tools included in the operating system, without installing any additional software. I have encountered occasions when I would like to make a quick verification not only of the integrity of the file, but with this method, we can also check if two files are the same .

What is the process of verifying the integrity of a file?

When we talk about verifying the integrity of a file, we are talking about verifying that the data in a copy are exactly the same as in the original file. This verification allows us to avoid data corruption problems and ensure that the data has been stored correctly.

To perform this verification, there are different algorithms or hash functions that allow us to obtain the so-called checksum ( checksum ) . Many data transfer protocols, backup systems and even file compressors make use of these checksums.

Practical example to better understand the verification process.

To better understand the whole process, we will propose a very simple example. Imagine that we have a very important file called documento.bin and I want to copy it to a USB flash drive with the name documento_copia.bin , making sure that the data has not been altered during the process.

All I have to do is get the checksum of the original file (document.bin) and the checksum of the copied file (document_copy.bin) to compare them. If both checksum are the same, the file is an exact copy of the original and the data maintains its integrity. If, on the contrary, both checksum are different, the data has been damaged in the process.

Tools to verify the integrity of files from the Linux terminal.

In the GNU / Linux world there are many tools and commands to verify the integrity of the files, even package managers such as APT make use of these. In our case, we will use the most common tools that we can use from the console .

cksum

Cksum is the standard tool to calculate the 32-bit CRC checksum. There are different implementations of the CRC32 algorithm (Cyclic Redundancy Code) , but the cksum tool specifically uses the implementation of the Ethernet network standard.

If what we want to calculate is the 16-bit CRC (CRC16) , the tool we should use is sum , but its use is not recommended if we can use cksum .

From a security point of view, CRC32 is considered an insecure hash function , but to verify the integrity of files at home is more than enough. It has the advantage that it is an algorithm with great performance and fast .

To use this tool, simply execute the following command in the console:
cksum archivo

image

md5sum

The md5sum tool calculates the MD5 hashes of a file or data set. This allows us to verify the integrity of files and their use is quite widespread.

From the point of view of security, the MD5 algorithm is not considered safe and its use is not recommended in situations where a malicious user can modify it. Even so, to verify the integrity of files on our personal PC, it performs its function without problems.

We can use this from the terminal as follows:
md5sum archivo

image

sha256sum.

At present it is recommended to use the SHA-256 algorithm to calculate the checksums of the files and thus be able to verify their integrity. SHA-256 is the logical replacement of the MD5 algorithm, since for the moment no vulnerabilities have been discovered.

To calculate the SHA-256 checksum of a file from the Linux terminal we execute the command:
sha256sum archivo

image

There are other variants of the SHA algorithm that we can use using the tools: shasum , sha1sum , sha224sum , sha384sum and sha512sum .

Checksum verification files with extension: .sfv, .crc, .md5, etc.

We already know the tools to calculate checksums from the console, but in Linux there are also tools to check lists of checksums . This is especially useful when we have to verify several files.

Sometimes we can find files that make up checklists. These files contain a list consisting of the file name and its respective checksum.

Cksfv tool: create and verify SFV lists.

To check or create files with extension .sfv , in Linux we have the tool cksfv . In the case of Ubuntu, this tool is not installed by default, so we will have to install it with the command: sudo apt install cksfv .

Once the tool is installed, we can verify .sfv files from the terminal with the command :
cksfv -g /home/zeokat/lista.sfv

We can also create .sfv files with the command:
cksfv fichero1 fichero2 fichero3 > listado.sfv

Cfv tool: create and verify lists in different formats.

The cfv tool is more complete than cksfv, since it supports more file formats. Among the supported formats are the following: .sfv, .sfvmd5, .md5, .par, .par2, .crc, .csv, .torrent, sha1sum and md5sum .

In Ubuntu it is not installed by default, so we will have to install it with the command: sudo apt install cfv .

The basic command to verify a list of files is:
cfv -f /home/zeokat/test.sfv

To create a checklist, the basic command would be:
cfv -C -flista.sfv -tsfv documento.pdf documento2.jpg
cfv -C -f[nombre de lista] -t[formato de lista] [archivos"¦]

For more information, we can always use the cfv --h command to see the help screen.

Within the world of package integrity verification there are many other formats and tools depending on the type of distribution. Here ends the tutorial and I hope you learned the basics to verify the integrity of files.


by (2.9m points)

Related questions

+3 votes
1 answer
+3 votes
1 answer
+5 votes
1 answer
asked Aug 10, 2019 in Guides by backtothefuture (467k points) | 175 views
+5 votes
1 answer
+4 votes
1 answer
8,957 questions
9,060 answers
416 comments
2 users