How to check sha256sum of an ISO image (NOVICE WAY)

Write tutorials here
There are more tutorials here http://community.linuxmint.com/tutorial/welcome
Forum rules
Please don't add support questions to tutorials,start your own thread in the appropriate sub-forum instead. Before you post please read this
User avatar
slipstick
Level 5
Level 5
Posts: 795
Joined: Sun Oct 21, 2012 9:56 pm
Location: Somewhere on the /LL0 scale

Re: How to check sha256sum of an ISO image (NOVICE WAY)

Post by slipstick » Tue Sep 13, 2016 2:50 pm

phd21 wrote:Hi "wanderous",

Here is another console terminal command you can run that will "ignore any missing files", so that you do not get any "failed error" messages.

sha256sum --check --ignore-missing sha256sum.txt

Code: Select all

sha256sum --check --ignore-missing sha256sum.txt
Hope this helps ...
That option is not recognized by my system - I get this error message:

Code: Select all

sha256sum: unrecognized option '--ignore-missing'
I see from your signature that you are using LM17.3 KDE - I'm using 17.3 Cinnamon with bash version 4.3.11(1)-release (x86_64-pc-linux-gnu) - maybe you have a different bash version?

EDIT: I see that this is part of Gnu Coreutils and it seems I have version 8.21 released in Feb. 2013 and support for the "--ignore-missing" option wasn't added until ver. 8.25 released in Jan., 2016.

akstrachan
Level 1
Level 1
Posts: 1
Joined: Sun Dec 11, 2016 10:10 am

Re: How to check sha256sum of an ISO image (easy way)

Post by akstrachan » Sun Dec 11, 2016 10:24 am

I've had 7-zip installed for many years on Windows 7 x64 and is on the current version.
The right-click option wasn't there.
The solution was to start 7-zip, check the menu > Options and see that the option needed to be enabled.
Once I did that, the right-click option became available.

User avatar
prestonR
Level 5
Level 5
Posts: 844
Joined: Wed Jan 07, 2015 12:24 pm
Location: Harare

Re: How to check sha256sum of an ISO image (NOVICE WAY)

Post by prestonR » Tue Dec 20, 2016 1:43 pm

In Windows, use the built-in CertUtil tool from command line, 'start' => 'run':

Code: Select all

CertUtil -hashfile C:\Desktop\linux_mint.iso SHA256
or

Code: Select all

CertUtil -hashfile C:\Desktop\linux_mint.iso MD5

Spiderspoon
Level 1
Level 1
Posts: 48
Joined: Tue May 14, 2013 6:03 am

Re: How to check sha256sum of an ISO image (NOVICE WAY)

Post by Spiderspoon » Sat Apr 14, 2018 9:05 pm

jungle_boy wrote:
Tue Jul 19, 2016 1:01 pm
WINDOWS OS
In windows OS following this instructions:

1-Download and install the application HashTab
2-Open the directory where you downloaded the ISO image (usually the Download folder),
3-Right click on the downloaded ISO image and select Properties from the menu and check the file hashes tab
4- Cancel the hashing in progress and open setting option and check SHA-256, uncheck other options, let the system calculate again the hash
5-Open the sha256sums.txt file address to check the sum of the sha256sum of downloaded image
https://ftp.heanet.ie/mirrors/linuxmint ... 256sum.txt
6- Highlight and copy the corresponding ISO image sha256sum, past in the Hash comparison space
7-The system compares immediately and warns if they match or not.

Done
Some comments. I am using Windows 10. I expected to find a program called HashTab. After a couple of goes I noticed the instructions which popped up in the default browser. So I found the File Hashes tab in properties, which now appears to become a part of properties for all files.
4. Cancel the hashing in progress to the right of the advancing green bar. It took me ages to find Settings, as I was looking in the wrong places. Settings is in blue, just above Hash Comparison. Ensure only SHA-256 is checked, unchecking all other options. It is probably quicker to click on Select None, and then check SHA-256. Click OK and Hashing Progress will proceed. It will then read Hash Comparison and the Hash Value will appear in the box. It will give a green tick next to SHA-256. It is not finished yet. The green tick at this point does not mean success. You now have to compare this Hash Value with the relevant value in the sha256sum.txt file. Highlight and delete the value in the Hash Comparison box, as this is a copy of the Hash Value above. This box needs to be empty before proceeding.
6. Open the sha256sum.txt file and highlight the relevant Hash Value. This file contains a few hash values. Look for the one which matches the iso you have downloaded. Copy this highlighted section and paste it into the Hash Comparison box. If identical, you will get the green tick.

What I did was to make a copy of the sha256sum.txt with only the relevant hash value remaining. I deleted the rest. That way, when I repeated the test, it was easier. Also, having selected SHA-256 in Settings once, it remains the only one there. But you still have to Cancel the initial hashing. Clicking on Compare a file gave a red cross, even with the amended file. So I don't know what that is doing. I guess HashTab is written by someone else who uses that for some other purpose.

I've written all these words as I got it wrong the first time I did it and it took a few goes to figure it out. Once I did it correctly, it's simple. It doesn't need to be done often, only when you download a new iso.

Thanks. :D

User avatar
slipstick
Level 5
Level 5
Posts: 795
Joined: Sun Oct 21, 2012 9:56 pm
Location: Somewhere on the /LL0 scale

Re: How to check sha256sum of an ISO image (NOVICE WAY)

Post by slipstick » Sun Apr 15, 2018 1:04 am

Spiderspoon wrote:
Sat Apr 14, 2018 9:05 pm
It doesn't need to be done often, only when you download a new iso.
Once you can verify your new downloaded .iso file in Linux, it's even easier. Here is a script file which I have modified a little from one posted a couple of years ago on this forum by forum member "austin.texas". You can keep this script in a convenient location, for example in /home/username/bin. Then download your new iso file to the ~/Downloads folder and copy this script to that folder and execute the script with the .iso name as the parameter:

Code: Select all

#!/bin/bash

# Save this file in the ~/bin folder (or other convenient locations) as LM_iso_verify.sh
# When you want to check the integrity of the downloaded LMxx.x .iso file:
#
# Download or move your Mint xx.x.iso file to your Downloads folder.
# Move this sumLM18.sh file to the Downloads folder
#  and make sure it is marked as executable.  (Or if you keep it in /home/<your user name>/bin,
#  then it is should already be on the PATH, and you don't need to move it.)
#
# Open a terminal window and cd to ~/Downloads, then
# run the script with "./LM_iso_verify.sh  Mint-xx.x-correct-filename.iso"
# EXAMPLE:   ./LM_iso_verify.sh  linuxmint-18.3-cinnamon-64bit.iso
# or if the script is in /home/bin or otherwise on the PATH, then
# EXAMPLE:     LM_iso_verify.sh  linuxmint-18.3-cinnamon-64bit.iso



# Check for one parameter on the command line (the .iso file name)
if [ $# -ne 1 ]; then
	echo "Usage: $(basename "$0") linuxmint-xx.x-correct-filename.iso"
	exit 1
fi

# Check if that file exists in the working directory and is readable
if [ ! -r "$1" ]; then
	echo "File $1 does not exist or is not readable"
	exit 1
fi

# Importing the signing key (LM18 and higher)
gpg --keyserver keyserver.ubuntu.com --recv-key "27DE B156 44C6 B3CF 3BD7 D291 300F 846B A25B AE09"



# This is for LM18.3 versions - modify these wget lines as needed for other versions
# Download the Mint 18.3 sha256 sum txt files

# If heanet.ie site isn't working, comment out these two lines and uncomment the wget lines for the alternate site
#    or use another alternate of your choice.
wget https://ftp.heanet.ie/mirrors/linuxmint.com/stable/18.3/sha256sum.txt
wget https://ftp.heanet.ie/mirrors/linuxmint.com/stable/18.3/sha256sum.txt.gpg

# University of Oklahoma mirror - an alternate site if above heanet.ie isn't working
#wget http://reflection.oss.ou.edu/linuxmint/isos/linuxmint.com/stable/18.3/sha256sum.txt
#wget http://reflection.oss.ou.edu/linuxmint/isos/linuxmint.com/stable/18.3/sha256sum.txt.gpg




# Verify the signature on the sha256 sum text file
gpg --verify sha256sum.txt.gpg sha256sum.txt
echo "It should report that the signature is Good, $USER."
echo "You can ignore any warning about ...not certified..."
echo "..."

# compare the sha256 sum of your ISO image and the original Mint sha256 sum
echo "Calculating the sha256 sum for $1 and comparing it to the downloaded signed sha256 sum"
echo "Be patient, $USER. I am not that good at math"
echo "..."

sha256sum --check --ignore-missing sha256sum.txt


echo "Done."


The output looks like this:

Code: Select all

steve@steve-Z97X ~ $ cd ~/Downloads
steve@steve-Z97X ~/Downloads $ ./LM_iso_verify.sh linuxmint-18.3-cinnamon-64bit.iso
gpg: requesting key A25BAE09 from hkp server keyserver.ubuntu.com
gpg: key A25BAE09: "Linux Mint ISO Signing Key <root@linuxmint.com>" not changed
gpg: Total number processed: 1
gpg:              unchanged: 1
--2018-04-14 23:48:35--  http://reflection.oss.ou.edu/linuxmint/isos/linuxmint.com/stable/18.3/sha256sum.txt
Resolving reflection.oss.ou.edu (reflection.oss.ou.edu)... 129.15.2.43
Connecting to reflection.oss.ou.edu (reflection.oss.ou.edu)|129.15.2.43|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 774 [text/plain]
Saving to: ‘sha256sum.txt’

sha256sum.txt                 100%[=================================================>]     774  --.-KB/s    in 0s      

2018-04-14 23:48:35 (257 MB/s) - ‘sha256sum.txt’ saved [774/774]

--2018-04-14 23:48:35--  http://reflection.oss.ou.edu/linuxmint/isos/linuxmint.com/stable/18.3/sha256sum.txt.gpg
Resolving reflection.oss.ou.edu (reflection.oss.ou.edu)... 129.15.2.43
Connecting to reflection.oss.ou.edu (reflection.oss.ou.edu)|129.15.2.43|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 819 [text/plain]
Saving to: ‘sha256sum.txt.gpg’

sha256sum.txt.gpg             100%[=================================================>]     819  --.-KB/s    in 0s      

2018-04-14 23:48:35 (257 MB/s) - ‘sha256sum.txt.gpg’ saved [819/819]

gpg: Signature made Wed 13 Dec 2017 10:16:15 AM CST using RSA key ID A25BAE09
gpg: Good signature from "Linux Mint ISO Signing Key <root@linuxmint.com>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: 27DE B156 44C6 B3CF 3BD7  D291 300F 846B A25B AE09
It should report that the signature is Good, steve.
You can ignore any warning about ...not certified...
...
Calculating the sha256 sum for linuxmint-18.3-cinnamon-64bit.iso and comparing it to the downloaded signed sha256 sum
Be patient, steve. I am not that good at math
...
linuxmint-18.3-cinnamon-64bit.iso: OK
Done.
steve@steve-Z97X ~/Downloads $ 
And that's all you have to do to verify.

Notes: Read the instructions in the script - you will need to modify the wget commands for the particular .iso file version. Also, in this file which originally used the heanet mirror, I changed that to another mirror conveniently located near me - if the heanet site ever gets fixed (permission problem of some kind), you may want to change it back, or use another mirror located near you.

EDIT: edited script file comments to say that you don't have to move the script file to the Downloads folder if it is on the PATH. If you keep it in ~/bin, that directory is on the PATH.
EDIT#2: changed script back to use heanet site which is now working again. I left the OU site in as an alternate.
In theory, theory and practice are the same. In practice, they ain't.

Post Reply

Return to “Tutorials”