LinuxCommandLibrary

sha1sum

Verify file integrity using SHA1 hash

TLDR

Calculate the SHA1 checksum for one or more files

$ sha1sum [path/to/file1 path/to/file2 ...]
copy

Calculate and save the list of SHA1 checksums to a file
$ sha1sum [path/to/file1 path/to/file2 ...] > [path/to/file.sha1]
copy

Calculate a SHA1 checksum from stdin
$ [command] | sha1sum
copy

Read a file of SHA1 checksums and filenames and verify all files have matching checksums
$ sha1sum [[-c|--check]] [path/to/file.sha1]
copy

Only show a message for missing files or when verification fails
$ sha1sum [[-c|--check]] --quiet [path/to/file.sha1]
copy

Only show a message when verification fails, ignoring missing files
$ sha1sum --ignore-missing [[-c|--check]] --quiet [path/to/file.sha1]
copy

Check a known SHA1 checksum of a file
$ echo [known_sha1_checksum_of_the_file] [path/to/file] | sha1sum [[-c|--check]]
copy

SYNOPSIS

sha1sum [OPTION]... [FILE]...

PARAMETERS

-b, --binary
    Read in binary mode (treat all files as binary)

-c, --check
    Read SHA1 sums from the FILEs and check them

--tag
    Create a BSD-style checksum

-t, --text
    Read in text mode (default)

-z, --zero
    End each output line with NUL, not newline, and disable filename escaping

--algorithm ALGO
    Choose digest algorithm. Valid ALGO values are sha224, sha256, sha384, sha512, sha3-224, sha3-256, sha3-384, sha3-512, shake128, shake256

--help
    Display help message and exit

--version
    Output version information and exit

DESCRIPTION

The sha1sum command computes and checks SHA1 message digests. SHA1 (Secure Hash Algorithm 1) is a cryptographic hash function producing a 160-bit (20-byte) hash value, often represented as a 40-digit hexadecimal number. sha1sum can be used to generate a hash of a file or standard input, and it can also verify the integrity of files by comparing the generated hash with a known hash value (often stored in a .sha1sum file). This is useful for verifying downloaded files have not been corrupted or tampered with during transmission.
The tool processes each file named as an argument, or standard input if no files are specified, and outputs the SHA1 hash, a space, and the filename. When verifying, it reads lines containing SHA1 hashes and filenames from a file or standard input, and reports whether each file matches the expected hash.

CAVEATS

SHA1 is considered cryptographically broken for collision resistance, meaning that it's possible to find two different inputs that produce the same hash value.
While still suitable for checksumming data for error detection, it should not be used for security-sensitive applications such as password storage or digital signatures.
Consider using sha256sum, sha512sum, or other stronger hash algorithms for those cases.

USAGE EXAMPLES

To generate the SHA1 hash of a file:
sha1sum myfile.txt

To verify SHA1 checksums from a file:
sha1sum -c checksums.sha1

To pipe the output of another command to sha1sum:
cat myfile.txt | sha1sum

HISTORY

sha1sum was created as part of the GNU Core Utilities, which provides basic file, shell, and text manipulation utilities. Its development was driven by the need for a standard tool to compute and verify SHA1 hashes across different platforms. Its usage became widespread for verifying the integrity of files downloaded from the internet and other applications where data integrity is crucial. Over time, as SHA1's weaknesses became apparent, newer tools like sha256sum and sha512sum were introduced using more secure hashing algorithms.

SEE ALSO

md5sum(1), sha256sum(1), sha512sum(1)

Copied to clipboard