- Practical Linux Security Cookbook
- Tajinder Kalsi
- 436字
- 2021-07-16 11:05:28
Conducting integrity checks of the installation medium using checksum
Whenever we download an image file of any Linux distribution, it should always be checked for correctness and safety. This can be achieved by doing an MD5 checksum of the downloaded image with the MD5 value of the correct image.
This helps in checking the integrity of the downloaded file. Any changes to the files can be detected by the MD5 hash comparison.
Whenever any changes take place in the downloaded files, the MD5 hash comparison can detect it. The larger the file size, the higher the possibility of changes in the file. It is always recommended to do the MD5 hash comparison for files such as operating system installation files on a CD.
Getting ready
The MD5 checksum is normally installed on most Linux distributions, so installation is not required.
How to do it…
- First open the Linux terminal and then change the directory to the folder containing the downloaded ISO file using the
ubuntu@ubuntu-desktop:~$ cd Downloadscommand. - After changing to the
Downloadsdirectory, type the following command:md5sum ubuntu-filename.iso - The
md5sumcommand will then print the calculated hash in a single line, as shown here:8044d756b7f00b695ab8dce07dce43e5 ubuntu-filename.iso
Now, we can compare the hash calculated by the preceding command with the hash on the UbuntuHashes page (https://help.ubuntu.com/community/UbuntuHashes). After opening the UbuntuHashes page, we just need to copy the preceding hash that has been calculated in the Find box of the browser (by pressing Ctrl + F).
How it works…
If the calculated hash and the hash on the UbuntuHashes page match, then the downloaded file is not damaged. If the hashes don't match, then there might be a problem with either the downloaded file or the server from where the download was made. Try downloading the file again. If the issue still persists, it is recommended that you report the issue to the administrator of the server.
See also
Here's something extra in case you want to go the extra mile: try out the GUI checksum calculator that is available for Ubuntu
Sometimes, it's really inconvenient to use a terminal in order to perform checksums. You need to know the right directory of the downloaded file and also the exact filename. This makes it difficult to remember the exact commands.
As a solution for this, there is a very small and simple software called GtkHash.
You can download the tool from http://gtkhash.sourceforge.net/, and install it using this command:
sudo apt-get install gtkhash
- Learn Blockchain Programming with JavaScript
- 大學計算機基礎(第三版)
- Beginning Java Data Structures and Algorithms
- Practical Internet of Things Security
- Java高手真經(高級編程卷):Java Web高級開發技術
- Mastering Google App Engine
- Java 11 Cookbook
- 零基礎輕松學SQL Server 2016
- 愛上micro:bit
- 輕松上手2D游戲開發:Unity入門
- Selenium WebDriver Practical Guide
- jQuery Mobile Web Development Essentials(Second Edition)
- Less Web Development Cookbook
- 軟件設計模式(Java版)
- 絕密原型檔案:看看專業產品經理的原型是什么樣