The sha1sum command is a utility used to compute and verify SHA-1 (Secure Hash Algorithm 1) checksums. This command generates a 160-bit hash value, typically rendered as a 40-digit hexadecimal number, from input files or standard input. The primary purpose of sha1sum is to ensure data integrity by verifying that files have not been altered or corrupted. By comparing the SHA-1 hash of a file at different points in time or between different sources, users can determine if the file remains unchanged. This command is commonly used in software distribution to verify the integrity of downloaded files, ensuring they match the original files provided by developers.
The Linux command line offers several tools for checking and verifying a file’s integrity. One such tool is sha1sum, which we will discuss in this tutorial using some easy-to-understand examples. But before we do that, it’s worth mentioning that all examples here have been tested on an Ubuntu 24.04 LTS machine.
Linux sha1sum command
The sha1sum command is used to compute and check SHA1 message digest. Following is its syntax:
sha1sum [OPTION]... [FILE]...
And here’s how the man page describes this tool:
Print or check SHA1 (160-bit) checksums.
With no FILE, or when FILE is -, read standard input.
Following are some Q&A-styled examples that should give you a better idea of how this tool works.
Q1. How to use sha1sum command?
Basic usage is fairly simple – just run the command with a filename as input.
For example:
sha1sum test.txt
Here’s the output the above command produced on my system:
On the left is the message digest computed by the tool. Here’s how the output can be comprehended:
The default mode is to print a line with checksum, a space, a
character indicating input mode ('*' for binary, ' ' for text or
where binary is insignificant), and name for each FILE.
Q2. How to use sha1sum to verify a file’s integrity?
To do this, first save the message digest produced by the command in a .sha1 file. For example, here’s how we did it in our case:
sha1sum test.txt > test.sha1
Now, with both test.txt and test.sha1 in the same directory, use the -c command line option to verify the file’s integrity.
sha1sum -c test.sha1
In case the check fails, the tool produces the following output:
Q3. How to force sha1sum to read file in binary mode?
By default, the sha1sum command reads a file in text mode. However, you can force the tool to read in binary mode as well, which is something you can do using the -b option.
sha1sum -b [filename]
Q4. What sub-options are available while verifying checksums?
There are multiple preferences that you can set while verifying checksums using sha1sum. Here’s the list:
--ignore-missing
don't fail or report status for missing files--quiet
don't print OK for each successfully verified file--status
don't output anything, status code shows success--strict
exit non-zero for improperly formatted checksum lines-w, --warn
warn about improperly formatted checksum lines
Conclusion
As you’d agree, the sha1sum utility offers few features. We have already discussed most of its command-line options here. Once you’re done practicing these, head to the tool’s man page for more info.
