sha512sum

Calculate the SHA512 checksum for one or more files

$ sha512sum [path/to/file1 path/to/file2 ...]

$ sha512sum [path/to/file1 path/to/file2 ...] > [path/to/file.sha512]

$ [command] | sha512sum

$ sha512sum [[-c|--check]] [path/to/file.sha512]

$ sha512sum [[-c|--check]] --quiet [path/to/file.sha512]

$ sha512sum --ignore-missing [[-c|--check]] --quiet [path/to/file.sha512]

$ echo [known_sha512_checksum_of_the_file] [path/to/file] | sha512sum [[-c|--check]]

sha512sum [OPTION]... [FILE]...
sha512sum -c [OPTION]... [FILE]

-b, --binary
    Read input in binary mode. This is the default for Windows, but generally text mode for Unix-like systems.

-c, --check
    Read SHA512 sums from the specified FILEs and verify them against the actual files. The input file typically contains lines formatted as: SHA512_HASH   FILENAME.

-t, --text
    Read input in text mode (default for Unix-like systems). This option is usually redundant unless explicitly overriding a binary mode default.

-z, --zero
    End each output line with a NUL character, rather than a newline. This is particularly useful when piping output to commands like xargs -0.

--ignore-missing
    When checking sums, do not report a failure or status for missing input files.

--quiet
    When checking sums, do not print 'OK' for each successfully verified file.

--status
    When checking sums, do not output anything; merely set the exit status to indicate success or failure.

--strict
    When checking sums, exit non-zero for improperly formatted digest lines, even if all other checks pass.

--tag
    Create a BSD-style checksum (e.g., 'SHA512 (filename) = hash'), which might be preferred for certain interoperability scenarios.

--warn
    Warn about improperly formatted digest lines when checking, but do not necessarily fail the entire check operation unless combined with --strict.

--version
    Output version information and exit.

--help
    Display a help message and exit.

The sha512sum command calculates and verifies SHA512 (Secure Hash Algorithm 512-bit) message digests for files. SHA-512 is a member of the SHA-2 family of cryptographic hash functions, which produces a 512-bit (64-byte) hash value, typically represented as 128 hexadecimal characters. This algorithm is designed to be highly collision-resistant, making it suitable for ensuring data integrity and detecting accidental corruption or malicious tampering.

Users commonly employ sha512sum to verify the integrity of downloaded files, ensuring they haven't been altered during transfer, or to check if files have changed since a known good state. By comparing a newly computed hash with a previously recorded, trusted hash, one can confirm the file's authenticity. It's a fundamental tool in secure computing, offering a robust cryptographic primitive for integrity checks where stronger guarantees than SHA-1 or MD5 are required.

SHA-512 provides strong cryptographic integrity but does not encrypt data or guarantee its confidentiality. Its effectiveness relies on the hash value being obtained from a trusted source, as a tampered file with a re-computed hash would still appear 'correct'. Processing very large files can be computationally intensive and time-consuming, depending on system resources.

When computing a checksum, sha512sum outputs a line for each processed file. This line consists of the 512-bit (128 hexadecimal characters) hash, followed by a space, an indicator character ('*' for binary mode, ' ' for text mode), and finally the filename.

Example:
0a1b2c3d4e5f6a7b8c9d0e1f2a3b4c5d6e7f8a9b0c1d2e3f4a5b6c7d8e9f0a1b2c3d4e5f6a7b8c9d0e1f2a3b4c5d6e7f8a9b0c1d2e3f4a5b6c7d8e9f0a1b2c3d filename.txt

When using the -c (check) option, sha512sum reads lines from a file (which typically contains hashes and filenames generated by a previous sha512sum run) and verifies the hash for each specified file. It reports whether each file is 'OK', 'FAILED', or if the file is 'MISSING'. This feature is vital for automating integrity checks of multiple files.

Part of the GNU Core Utilities, sha512sum implements the SHA-512 algorithm from the SHA-2 family, developed by the NSA and standardized by NIST (National Institute of Standards and Technology). Its inclusion became crucial as older hash functions like MD5 and SHA-1 showed cryptographic weaknesses and became vulnerable to collision attacks, making stronger algorithms such as SHA-512 necessary for robust data integrity checks in modern computing environments.

md5sum(1), sha1sum(1), sha256sum(1), sha384sum(1), cksum(1), sum(1)