How to verify checksums in Linux?

Method 1: Using GtkHash Application

Step 1: Open the GtkHash app that you just downloaded, you should now see the home screen of GtkHash.

Step 2: Open the app and go to edit>preferences and select all the algorithms you want to check for, the default layout should serve you well for general purposes, but if you want to customize a bit, you can select all the algorithms that you wish to check against.

Step 3: Browse the file of which you want to verify the checksum by clicking against the “File” box and browsing for it.

Step 4: Copy and Paste the original checksum value from the website or file to the “Check” box.

Step 5: Click on “hash”. Now it will compute the hash of the file. in our case, it will compute SHA256, SHA1, MD5 and CRC32, as we set the default values in the preferences.

Step 6: If any one of the file’s hash matches the value you copy-pasted, then it will show a checkmark next to it as you can see in the image below.

Method 2: Terminal method

To verify checksums in Linux using the terminal you should follow the following steps:

Step 1: Open the folder where you have the program or file stored in the terminal.

Step 2: Now verify the hash

As an example, we will be verifying Linux mint XFCE’s disk image using different algorithms

1. Verifying SHA256 checksum:

Sha 256 is the most popular checksum for verification purposes, so it is very likely that you may find it on the website of the file that you just downloaded. To verify the Sha256 checksum enter the following command into the terminal.

sha256sum "filename"

For our example it would be:

sha256sum linuxmint-21.1-xfce-64bit.iso

2. Verifying SHA1 checksum:

As discussed earlier researchers have found collision in this algorithm and you may not find it on the website of the software, but if for some reason, you only have SHA1 to verify, then here is the command.

sha1sum "filename"

3. Verifying MD5 checksum

Like SHA1, finding MD5 on a website is rare but if you only have that then enter this command into the terminal.

md5sum "filename"

Step 3: Now, compare the output you got in the terminal with the checksum given in the website or file. If both are the same then the integrity of the file is verified.

You just downloaded the latest version of your favorite distribution’s disk image and you are all ready to flash it to your USB and experience the latest and greatest, sounds great right? yeah, but before you press the install button there is an important verification step that helps to check the integrity of your file – Verifying Checksum.