sha512sum

Verify file integrity using SHA512 checksums

TLDR

Calculate the SHA512 checksum for one or more files

$ sha512sum [path/to/file1 path/to/file2 ...]

Calculate and save the list of SHA512 checksums to a file

$ sha512sum [path/to/file1 path/to/file2 ...] > [path/to/file.sha512]

Calculate a SHA512 checksum from stdin

$ [command] | sha512sum

Read a file of SHA512 checksums and filenames and verify all files have matching checksums

$ sha512sum [[-c|--check]] [path/to/file.sha512]

Only show a message for missing files or when verification fails

$ sha512sum [[-c|--check]] --quiet [path/to/file.sha512]

Only show a message when verification fails, ignoring missing files

$ sha512sum --ignore-missing [[-c|--check]] --quiet [path/to/file.sha512]

Check a known SHA512 checksum of a file

$ echo [known_sha512_checksum_of_the_file] [path/to/file] | sha512sum [[-c|--check]]

-b, --binary
    Read in binary mode.

-c, --check
    Read SHA512 sums from the FILEs and check them. Report any discrepancies.

--ignore-missing
    Don't fail or report status for missing files.

--no-dereference
    Don't follow symbolic links.

-q, --quiet
    Don't print OK for each successfully verified file.

--status
    Don't output anything; status code shows success.

-t, --text
    Read in text mode (default).

-w, --warn
    Warn about improperly formatted checksum lines.

--strict
    Exit non-zero for improperly formatted checksum lines.

--tag
    Create a BSD-style checksum

--help
    Display help message and exit.

--version
    Output version information and exit.

DESCRIPTION

The sha512sum command calculates and verifies SHA512 (Secure Hash Algorithm 2) checksums of files. These checksums are cryptographic hash functions that produce a unique fixed-size output (a 512-bit, or 64-byte, hash value) for any given input. This allows users to verify the integrity of files after transfer or storage. If a file has been altered, even slightly, the SHA512 checksum will be different. The command can also read checksums and filenames from a file and verify that the checksum of each file matches the provided checksum. This is commonly used to verify that downloaded files have not been corrupted or tampered with. If no file is specified, or if the filename is '-', sha512sum reads from standard input.

The output of sha512sum is typically a string containing the SHA512 hash, two spaces, and the filename. When verifying checksums, sha512sum reports whether each file's checksum matched or failed to match the provided checksum. It's crucial for maintaining data integrity and security.

CAVEATS

SHA512 checksums, while robust, are not immune to collision attacks. It's important to obtain checksums from a trusted source to ensure the integrity of the verified files. Also, be aware that the newline character handling can differ between operating systems when dealing with text files, potentially leading to checksum mismatches if files are transferred between systems with different newline conventions.

EXIT STATUS

The command returns an exit status of 0 if all files were successfully processed and verified (in check mode). A non-zero exit status indicates an error, such as a checksum mismatch or a file not found.

HISTORY

The sha512sum command is part of the GNU Coreutils package. It was developed as part of the GNU project to provide a standardized set of basic file, shell, and text manipulation utilities. It has been a widely used tool for file integrity verification for many years, providing a more secure alternative to older hashing algorithms like MD5.