sha384sum

Calculate the SHA384 checksum for one or more files

$ sha384sum [path/to/file1 path/to/file2 ...]

$ sha384sum [path/to/file1 path/to/file2 ...] > [path/to/file.sha384]

$ [command] | sha384sum

$ sha384sum [[-c|--check]] [path/to/file.sha384]

$ sha384sum [[-c|--check]] --quiet [path/to/file.sha384]

$ sha384sum --ignore-missing [[-c|--check]] --quiet [path/to/file.sha384]

$ echo [known_sha384_checksum_of_the_file] [path/to/file] | sha384sum [[-c|--check]]

sha384sum [OPTION]... [FILE]...

-b, --binary
    Read in binary mode.

-c, --check
    Read SHA384 sums from FILEs and check them.

--ignore-missing
    Don't fail or report status for missing files.

--no-dereference
    Don't follow symbolic links.

-q, --quiet
    Don't print OK for each successfully verified file.

--status
    Don't output anything, status code shows success.

-t, --text
    Read in text mode (default).

-w, --warn
    Warn about improperly formatted checksum lines.

--strict
    Exit non-zero for improperly formatted checksum lines.

--tag
    Create a BSD-style checksum.

--version
    Output version information and exit.

--help
    Display a help message and exit.

The sha384sum command is a utility in Linux systems used to compute and verify SHA384 (Secure Hash Algorithm 384-bit) cryptographic hashes. It reads input files or standard input and generates a unique 96-character hexadecimal representation of the file's contents, also known as a checksum or digest. This checksum can then be used to verify the integrity of the file. Any alteration to the file, even a single bit change, will result in a different checksum. This is essential for data integrity checks, verifying downloaded files, and detecting unintentional or malicious modifications. The command can operate in various modes including generating checksums, verifying checksums against a pre-existing file, and outputting in different formats. It's a powerful tool for ensuring data has not been tampered with. The command is part of the GNU coreutils package, making it a standard utility available on virtually all Linux distributions.

SHA384, while considered stronger than older algorithms like MD5 or SHA1, is still theoretically vulnerable to collision attacks, although practically finding such collisions remains computationally expensive. For extremely critical applications, consider stronger hashing algorithms like SHA512 or BLAKE3.

When used with the -c option, sha384sum expects a file containing SHA384 checksums generated previously. Each line in the file should consist of the checksum, followed by whitespace, and then the filename. The command will then re-calculate the checksum for each specified file and compare it to the checksum listed in the file. If the checksums match, the command prints 'OK' next to the filename; otherwise, it prints 'FAILED'.
Example: sha384sum -c checksum_file.txt

The -b and -t options control how sha384sum reads input. The default is -t (text mode) on systems that distinguish between text and binary files (e.g., Windows), and -b otherwise. In text mode, the command treats all lines as ending with a newline character and truncates the checksums accordingly. Binary mode reads the file exactly as it is without any interpretation.

sha384sum is part of the GNU coreutils package, which has been under development since the early 1990s. The SHA384 algorithm itself was developed by the National Security Agency (NSA) and published in 2001 as part of the SHA-2 family of hash functions. The sha384sum command was introduced to provide a robust checksumming utility using this stronger cryptographic hash, replacing older, less secure algorithms. Its widespread adoption coincided with the increasing awareness of security vulnerabilities in older hashing algorithms, making it a standard tool for data integrity verification across various Linux distributions.

md5sum(1), sha1sum(1), sha256sum(1), sha512sum(1)