LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 10-01-2008, 06:27 AM   #1
ritam_bkp
Member
 
Registered: Sep 2008
Location: Calcutta,India
Distribution: Fedora 11, OpenSUSE 11.0
Posts: 116

Rep: Reputation: 17
Exclamation md5sum query


when i download a linux distro's iso...
a md5sum or sha1sum file is present in the download directory(index of directory)...
i wish to know..what they indicate...
and what is the use of such files??
would there be any problem if md5sums files are not present for each iso????????
 
Old 10-01-2008, 07:00 AM   #2
b0uncer
LQ Guru
 
Registered: Aug 2003
Distribution: CentOS, OS X
Posts: 5,131

Rep: Reputation: Disabled
The checksums (md5sum, sha1sum, ...) are there so you can check that the file you downloaded is good/ok. If there is a problem with the file (i.e. at least one bit of it has changed for some reason from the original), the calculated checksum differs, usually a lot, and does not match the given checksum (which is in the MD5SUM or SHA1SUM or similar file). Thus you know the file is not good and can re-get it. So basically you are given the "known good" sum, you calculate the sum from your own copy and compare them. If the file is given, you don't need to compare the sums manually, but just feed the file to the checksum-calculating program and (typically) it also checks it for you. For example
Code:
md5sum -c MD5SUM
will check all the files mentioned in MD5SUM file (calculate their md5sums), then compare those calculated sums to the ones in the MD5SUM file. If they match, the file(s) is (are) probably good and it says "OK". Otherwise you're told the sums don't match.

So in short you don't need those sums, they're just a way for you to see if your files are probably right, or definitely not right.
 
Old 10-01-2008, 07:06 AM   #3
pinniped
Senior Member
 
Registered: May 2008
Location: planet earth
Distribution: Debian
Posts: 1,732

Rep: Reputation: 50
md5sum produces a hash; this particular algorithm is popular because it has properties which are useful for checking data integrity. A hash is a non-unique sequence produced by operating on a sequence of bits (a number or a string). Some types of hashes are used to help sort or locate information, but md5sum is used for checking data. md5sum can give that non-unique 'fingerprint' to a very large file; to reproduce the same hash result you will have to make many changes and most likely even need to change the size of the file. This makes the md5sum a very good tool for checking that the *.iso file that you downloaded is an exact copy of the file on the remote site. You just look at the published md5 hash and then compare it to what you get when you do: md5sum whatever.iso
 
Old 10-01-2008, 02:44 PM   #4
ritam_bkp
Member
 
Registered: Sep 2008
Location: Calcutta,India
Distribution: Fedora 11, OpenSUSE 11.0
Posts: 116

Original Poster
Rep: Reputation: 17
yah...
that was very helpful.
thanx guys
 
Old 10-01-2008, 04:23 PM   #5
onebuck
Moderator
 
Registered: Jan 2005
Location: Midwest USA, Central Illinois
Distribution: SlackwareŽ
Posts: 12,603
Blog Entries: 25

Rep: Reputation: 1981Reputation: 1981Reputation: 1981Reputation: 1981Reputation: 1981Reputation: 1981Reputation: 1981Reputation: 1981Reputation: 1981Reputation: 1981Reputation: 1981
Hi,

You can always 'man command' such as 'man md5sum' to get a better understanding.
 
Old 10-01-2008, 09:17 PM   #6
sundialsvcs
LQ Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 7,506

Rep: Reputation: 2388Reputation: 2388Reputation: 2388Reputation: 2388Reputation: 2388Reputation: 2388Reputation: 2388Reputation: 2388Reputation: 2388Reputation: 2388Reputation: 2388
Let's take a 20-megabyte file... pick one... and do an md5sum (say...) on that file.

Now, go back and change "just one lousy bit." Pick any one of the 160-million bits...

Whoa! The result of "md5sum" for the changed file is completely different! It's not just "a wee bit different," but rather, not-at-all the same.

And that, my friend, is precisely what algorithms like "md5" are for. The slightest difference between two files, i.e. the slightest error in copying or downloading, even "just one bit out of 120 million," is immediately recognizable because it produces a completely different result.

Verdict: if the value does not match exactly what you have been told to expect, download again.

Incidentally... cryptographic systems like "gpg" allow you to take this idea one step further: they produce a "digital signature" for a file that cannot be forged. They enable you to verify, not only that the file was correctly downloaded, but that the file you downloaded was in fact the one, byte-for-byte, that the publisher intended to provide.
 
Old 10-01-2008, 10:51 PM   #7
onebuck
Moderator
 
Registered: Jan 2005
Location: Midwest USA, Central Illinois
Distribution: SlackwareŽ
Posts: 12,603
Blog Entries: 25

Rep: Reputation: 1981Reputation: 1981Reputation: 1981Reputation: 1981Reputation: 1981Reputation: 1981Reputation: 1981Reputation: 1981Reputation: 1981Reputation: 1981Reputation: 1981
Hi,

That same thought should be applied to a burnt image of the downloaded iso. I've see to many posts with that being the problem. A lot of people assume the burn is OK. You should compare the burnt image with the original md5sum to confirm the burn is OK.
 
Old 10-02-2008, 08:18 AM   #8
ritam_bkp
Member
 
Registered: Sep 2008
Location: Calcutta,India
Distribution: Fedora 11, OpenSUSE 11.0
Posts: 116

Original Poster
Rep: Reputation: 17
yah
that is a really notable point
 
Old 10-02-2008, 02:14 PM   #9
ritam_bkp
Member
 
Registered: Sep 2008
Location: Calcutta,India
Distribution: Fedora 11, OpenSUSE 11.0
Posts: 116

Original Poster
Rep: Reputation: 17
when i download a movie from a torrent file..
does it contain a md5 checksum???????
does everyfile that we download from net has a checksum??
 
Old 10-02-2008, 02:33 PM   #10
onebuck
Moderator
 
Registered: Jan 2005
Location: Midwest USA, Central Illinois
Distribution: SlackwareŽ
Posts: 12,603
Blog Entries: 25

Rep: Reputation: 1981Reputation: 1981Reputation: 1981Reputation: 1981Reputation: 1981Reputation: 1981Reputation: 1981Reputation: 1981Reputation: 1981Reputation: 1981Reputation: 1981
Hi,

The md5sum is posted by the author/team for the file in question. Most reliable sites do provide the hash for the downloadable file.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
interesting MySQL query/view query :s mjh Programming 3 03-25-2008 08:30 AM
mysql use output of one query in another query secretlydead Programming 2 11-19-2007 02:25 AM
help with mysql query: return nth rows in query hawarden Programming 2 07-31-2006 07:36 PM
Help with MD5SUM Smokeball Linux - Newbie 3 08-30-2003 11:45 PM
Md5sum ? mikeshn Linux - General 6 07-03-2003 12:09 PM


All times are GMT -5. The time now is 12:52 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration