[Linux] Calculate and Verify File Hash Values with md5sum and sha1sum

Overview

The md5sum and sha1sum commands calculate “hash values” (message digests) to confirm if a file was transferred correctly or if it has been tampered with. These are frequently used to check for corruption after downloading ISO images or to verify the integrity of backup data. While MD5 and SHA1 are now considered to have security vulnerabilities (and sha256sum is recommended for high-security purposes), they remain widely used for basic file integrity checks.

Specifications (Arguments and Options)

Syntax

md5sum [options] [filename]

sha1sum [options] [filename]

Main Arguments and Options

The options for md5sum and sha1sum are identical.

Option          Description
-c / --check    Reads MD5/SHA1 sums from a specified file and verifies them against actual files.
--quiet         Does not show “OK” for successful verifications; only displays files that failed.
--status        Produces no output. Use the exit status ($?) to determine the result (useful for scripts).
--strict        Returns a non-zero exit status if checksum lines are improperly formatted.
-w / --warn     Displays warnings for improperly formatted checksum lines.

Basic Usage

These commands output a hash value: a fixed-length string that changes completely if even a single bit of the file content is modified.

Command

# Display the MD5 hash of an ISO image
md5sum CentOS-7-x86_64-DVD.iso

# Display the SHA1 hash of a text file
sha1sum readme.txt

Execution Result

The output displays the “hash value” followed by the “filename.”

88edc60b556943147814b62768532550  CentOS-7-x86_64-DVD.iso
da39a3ee5e6b4b0d3255bfef95601890afd80709  readme.txt

Practical Commands

Verify File Integrity (Creating and Checking Checksum Files)

This is the standard workflow to save a hash value and verify the file content later.

  1. Save the hash value to a file:
     sha1sum test_data.txt > checksum.sha1
  2. Verify using the saved hash:
     sha1sum -c checksum.sha1
     test_data.txt: OK

If the file has been tampered with, the result will show FAILED.

Check the Integrity of a Downloaded ISO Image

When downloading Linux distributions, verify your file against the official checksum list provided by the website.

# 1. Download the ISO and the checksum list (md5sum.txt)
wget http://mirror.example.com/centos/7/isos/x86_64/CentOS-7-x86_64-DVD.iso
wget http://mirror.example.com/centos/7/isos/x86_64/md5sum.txt

# 2. Extract the relevant line and pass it to the verification command
grep "CentOS-7-x86_64-DVD.iso" md5sum.txt | md5sum -c -
CentOS-7-x86_64-DVD.iso: OK

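The hyphen (-) at the end tells md5sum to read the checksum lines from standard input instead of from a file. Because the ISO and md5sum.txt in this example come from the same mirror over plain HTTP, the check detects a corrupted download but not a deliberately replaced one.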

Determine Verification Results via Exit Status (For Scripts)

The --status option is ideal for automation. It produces no text but returns an exit status ($?) that indicates success or failure.

# Run the verification (Status 0 if successful, 1 if failed)
md5sum --status -c checksum.md5

# Check the result
echo $?

Example Scenarios:

# Successful case
md5sum --status -c checksum.md5; echo $?
# Output: 0

# Case where the file was tampered with
echo "malicious data" >> target_file.txt
md5sum --status -c checksum.md5; echo $?
# Output: 1

Customization Points

  • Verifying Multiple Files: You can batch process files by redirecting multiple hashes into one list (e.g., md5sum *.iso > list.md5) and then checking them all at once with md5sum -c list.md5.
  • Using SHA256: While the command name is different, sha256sum functions exactly the same way and is the currently recommended standard for better reliability.

Important Notes

  • Security Strength: MD5 and SHA1 are vulnerable to “collisions,” where different files can produce the same hash. Use them only for error detection during transfers, not for sensitive security tasks like password hashing.
  • File Path Issues: Checksum files contain the filename or path. When verifying, ensure the directory structure matches the path stored in the hash file.
  • Line Endings: Checksum files created on Windows (using CRLF line endings) may cause format errors on Linux. Use dos2unix to convert them if necessary.
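
Added example (not from the original article): a wrapper for the "extract one line, then verify" pattern shown earlier that also handles the CRLF and path notes above and returns distinct exit statuses for scripts. The function name verify_from_list and its return codes are assumptions made for this illustration; GNU coreutils is assumed.

```sh
#!/bin/sh
# Added example: verify ONE file against a published checksum list.
# verify_from_list is a hypothetical helper name, not a coreutils command.
#
# verify_from_list LIST FILE [TOOL]   (TOOL defaults to sha256sum)
#   returns 0  hash matches
#           1  hash mismatch, or FILE unreadable
#           2  LIST has no entry, or more than one entry, for FILE
verify_from_list() {
    _tool=${3:-sha256sum}
    _name=$(basename -- "$2")
    # Drop CRs (lists saved on Windows), then keep only lines whose filename
    # field equals FILE exactly. A plain grep would also select "FILE.sig".
    _entry=$(tr -d '\r' < "$1" | awk -v f="$_name" \
        '{ n = substr($0, index($0, " ") + 2) } n == f')
    # Zero or several entries: report as 2, separately from a mismatch (1).
    [ "$(printf '%s' "$_entry" | grep -c '')" -eq 1 ] || return 2
    # Names in the list are relative, so check from the file's own directory.
    ( cd "$(dirname -- "$2")" &&
      printf '%s\n' "$_entry" | "$_tool" --strict --status -c - ) || return 1
}
```

For an MD5 list such as the md5sum.txt used earlier, pass md5sum as the third argument.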

Applications

Identify Modified Files by Comparing with a Hash Database

You can create a baseline of hashes for all files in a directory and compare them later to detect unauthorized changes. This acts as a simple Intrusion Detection System (IDS).

# Create a baseline hash list for the directory
find /var/www/html -type f -exec md5sum {} + > website_snapshot.md5

# --- After some time ---

# Identify modified files (using --quiet to hide successful files)
md5sum --quiet -c website_snapshot.md5
/var/www/html/index.php: FAILED
/var/www/html/config.php: FAILED
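
Added example (not from the original article): md5sum -c only checks files that are already listed in the snapshot, so a file created after the baseline is never reported. The sketch below uses sha256sum, as the article recommends, and reports modified, deleted and newly added files. The function names are assumptions made for this illustration, GNU find/sort/xargs are assumed, and the baseline should be kept outside the monitored directory.

```sh
#!/bin/sh
# Added example: directory baseline that reports MODIFIED, DELETED and ADDED
# files. make_baseline / compare_baseline are hypothetical helper names.
# Limitation: file names containing newlines or backslashes are not handled.

# make_baseline DIR OUT: hash every regular file under DIR, sorted by path.
make_baseline() {
    ( cd "$1" && find . -type f -print0 | LC_ALL=C sort -z |
      xargs -0 -r sha256sum ) > "$2"
}

# compare_baseline DIR BASELINE: print one "STATE path" line per difference.
# Returns 0 if the tree matches the baseline, 1 if anything differs.
compare_baseline() {
    _cur=$(mktemp) || return 2
    make_baseline "$1" "$_cur"
    # Each line is "<64 hex chars><2 separator chars><path>".
    _report=$(awk '
        { hash = substr($0, 1, 64); path = substr($0, 67) }
        FILENAME == ARGV[1] { old[path] = hash; next }
        {
            seen[path] = 1
            if (!(path in old)) print "ADDED " path
            else if (old[path] != hash) print "MODIFIED " path
        }
        END { for (p in old) if (!(p in seen)) print "DELETED " p }
    ' "$2" "$_cur" | LC_ALL=C sort)
    rm -f "$_cur"
    [ -z "$_report" ] && return 0
    printf '%s\n' "$_report"
    return 1
}

# Usage: script init DIR BASELINE   |   script check DIR BASELINE
case "${1:-}" in
    init)  make_baseline "$2" "$3" ;;
    check) compare_baseline "$2" "$3" ;;
esac
```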

Summary

The md5sum and sha1sum commands are fundamental tools for computing a file’s “fingerprint.” Developing a habit of checking hash values after downloading large files or transferring critical data helps you avoid problems caused by data corruption. For environments requiring higher reliability, the use of sha256sum is recommended.
