Conducting integrity checks of the installation medium using checksum
Whenever we download an image file of any Linux distribution, it should always be checked for correctness and safety. This can be achieved by doing an MD5 checksum of the downloaded image with the MD5 value of the correct image.
This helps in checking the integrity of the downloaded file. Any changes to the files can be detected by the MD5 hash comparison.
Whenever any changes take place in the downloaded files, the MD5 hash comparison can detect it. The larger the file size, the higher the possibility of changes in the file. It is always recommended to do the MD5 hash comparison for files such as operating system installation files on a CD.
Getting ready
The MD5 checksum is normally installed on most Linux distributions, so installation is not required.
How to do it…
- First open the Linux terminal and then change the directory to the folder containing the downloaded ISO file using the
ubuntu@ubuntu-desktop:~$ cd Downloadscommand.Note
Linux is case-sensitive, and type the correct spelling for the folder name. Downloads is not the same as downloads in Linux.
- After changing to the
Downloadsdirectory, type the following command:md5sum ubuntu-filename.iso - The
md5sumcommand will then print the calculated hash in a single line, as shown here:8044d756b7f00b695ab8dce07dce43e5 ubuntu-filename.iso
Now, we can compare the hash calculated by the preceding command with the hash on the UbuntuHashes page (https://help.ubuntu.com/community/UbuntuHashes). After opening the UbuntuHashes page, we just need to copy the preceding hash that has been calculated in the Find box of the browser (by pressing Ctrl + F).
How it works…
If the calculated hash and the hash on the UbuntuHashes page match, then the downloaded file is not damaged. If the hashes don't match, then there might be a problem with either the downloaded file or the server from where the download was made. Try downloading the file again. If the issue still persists, it is recommended that you report the issue to the administrator of the server.
See also
Here's something extra in case you want to go the extra mile: try out the GUI checksum calculator that is available for Ubuntu
Sometimes, it's really inconvenient to use a terminal in order to perform checksums. You need to know the right directory of the downloaded file and also the exact filename. This makes it difficult to remember the exact commands.
As a solution for this, there is a very small and simple software called GtkHash.
You can download the tool from http://gtkhash.sourceforge.net/, and install it using this command:
sudo apt-get install gtkhash
