Computer Security Information

File Integrity & Trusts

MD5SUM is one of the simplest, easiest, and quickest way to test for file integrity.
It allows creation of a "hash" which corresponds to the file in question.

Often times, when downloading an archive .zip, .tar.gz, .7z, .bz2, .iso and other types of compressed installation files,
you are presented with an option to download an MD5 file, which can be used to varify that the file you are downloading is legitimate.

The .md5 file MUST be properly formatted, meaning it is only one line, assuming we are only working with one file,
with no extra blank lines. The line MUST have the format of HASH_CODE and then two-spaces, no more, no less, followed by the name of the file you are verifying.

Here is an example of what the contents of the systemrescuecd-x86-4.9.0.iso.md5 file should look like, given the file we have downloaded and want to check for integrity is named systemrescuecd-x86-4.9.0.iso, which you will usually have to create, naming it systemrescuecd-x86-4.9.0.iso.md5 in our example:

8d6bcc8b3937accfb0b77b9006230475  systemrescuecd-x86-4.9.0.iso

Be sure to use the actual name of the file you are wanting to varify, in place of the file name I've used in my example.


To test the checksum of a downloaded file using an .md5 file containing the corresponding hash code and file name created in the above example, or otherwise obtained, run this command in a terminal:

md5sum -c systemrescuecd-x86-4.9.0.iso.md5

If the file checks out ok, it will respond with this:

systemrescuecd-x86-4.9.0.iso: OK

More info to come as time permits! Thanks for checking my websites out~!