Verify SHA1 Hash with openssl
An alternative to checking a SHA1 hash with shasum is to use openssl. Yes, the same openssl utility used to encrypt files can be used to verify the validity of files.
The syntax is quite similar to the shasum command, but you do need to specify ‘sha1’ as the specific algorithm like so:
openssl sha1 /path/to/filename
To verify a file on the desktop, the command would look like this:
openssl sha1 ~/Desktop/DownloadedFile.dmg
The output isn’t quite as nice as shasum, but it remains easy to interpret:
$ openssl sha1 ~/Desktop/DownloadedFile.dmg
SHA1(/Users/OSXDaily/Desktop/DownloadedFile.dmg)= ba33b60954960b0836daac20b98abd25a21618da3
For the average user, there isn’t much advantage to use openssl over shasum when verifying checksums, so it’s mostly a matter of habit and whichever is most convenient.
Thanks to those readers who recommended this.
Using openssl is OK, but it’s nowhere near as good as this:
$ shasum /bin/* > SHASUM
$ shasum –check SHASUM
/bin/[: OK
/bin/bash: OK
/bin/cat: OK
…
/bin/zsh: OK
You will often see SHASUM, SHA1SUM or SHA256SUM files alongside other downloads; “shasum –check” is a really easy way to check your downloads. If the SHASUM file contains a lot of checksums for files you didn’t download then
shasum –check <(fgrep "$(ls)" SHASUM)
will check just the files that you have in the current directory.
This little script let isn't perfect; it doesn't handle anything but simple filenames in the SHASUM file and there are various other pathological cases where it fails. On the other hand, it almost always works just as you'd like it. I use it a lot!
We need more of this stuff – Lion is simple to use, but when I need to get to the guts there’s not a lot of help out there…I was a DOS assembler programmer way back, but can’t find the time to really learn Unix…