Validating the Files

Errors can occur during the download of CentOS ISOs, even if your download manager reports none. Therefore it is very important to check that the files have not been corrupted in any way. This is the purpose of the CHECKSUM files (md5sum.txt.asc, sha1sum.txt.asc, sha256sum.txt.asc) we include in the iso directory. They contain one line for each of the available ISO files with a content verification code, called a hash, computed from the original ISO files.

We include 3 files (md5sum.txt, sha1sum.txt, sha256sum.txt) and their gpg clear-signed copies (md5sum.txt.asc, sha1sum.txt.asc, sha256sum.txt.asc) copies that contain the hashes for different tools. We recommend that you use the sha256.txt.asc values if you can find an sha256sum tool for your environment.

If you wish to verify the clear text signature of the signed (.asc) files, see these detailed instructions

Checksum information is also listed via https in the Release Notes for each release and in the archived release announcement.

On Linux

Go to the directory where you downloaded the ISO in a command prompt and type:

sha256sum <name>.iso

Where <name> is the specific ISO you downloaded. For example in CentOS 6.5, for the minimal iso, it would be:

[jhughes@jhughes x86_64]$ sha256sum CentOS-6.5-x86_64-minimal.iso
f9d84907d77df62017944cb23cab66305e94ee6ae6c1126415b81cc5e999bdd0  CentOS-6.5-x86_64-minimal.iso

You would compare the hash received, in this case f9d84907d77df62017944cb23cab66305e94ee6ae6c1126415b81cc5e999bdd0, with the value in the file sha256sum.txt.asc. If it matches for CentOS-6.5-x86_64-minimal.iso, your iso download is good.

On Microsoft Windows GUI

There are a number of no-cost products available for file validation and hashing that have point and click interfaces. Here are links to a few of them:

Follow the instructions provided to install the program. When you run the program, use the file selection tools provided to select your downloaded ISO image files. Then select the SHA256 algorithm for calculation, and run the tool. The program takes some time to complete, since it must read the entire ISO file.

If you are using HashTab, you will need to enable the SHA256 checksum option. In order to do this open the File Properties window (right click --> File Hashes tab --> Settings), then select the SHA256 option. It is advisable to uncheck any preselected hash options as they will only slow down the hash calculations.

Open the file sha256sum.txt.asc with a text editor, such as Notepad, to display its contents. Make sure the hash displayed by the hash tool for each of the downloaded ISO files exactly matches the corresponding hash in the sha256sum.txt.asc file. If the tool does only sha1sum or md5sum, then you can use those files (sha1sum.txt.asc, md5sum.txt.asc) in our ISO directory for the compare.

If all of the hashes match, you can burn the ISO file to disc. If a file does not match, download it again.

On Microsoft Windows Command Prompt

To check the files using the command prompt, download the program sha256sum.exe. If you have any problems accessing sha256sum.exe, you can try to grab md5sum.exe. If you have downloaded md5sum.exe be sure to substitute for the correct tool below.

The sha256sum.exe program computes and displays hashes. To use it, save sha256sum.exe to the same directory as the ISO files. Select Run... from the Start menu and then enter cmd for the name of the program to start a Command Prompt window. Then change into the download directory. Run sha256sum with each ISO file like this:

cd "C:\Documents and Settings\Owner\My Documents\My Downloads"
sha256sum.exe CentOS-6.5-x86_64-minimal.iso

The program takes some time to complete, since it must read the entire ISO file.

Open the file sha256sum.txt.asc with a text editor, such as Notepad, to display its contents. Make sure the hash displayed by sha256sum.exe for each of the downloaded ISO files exactly matches the corresponding hash.

If all of the hashes match, you can burn the ISO file to disc. If a file does not match, download it again.

On Mac OS X

To check the files, download the program HashTab. Drag each CentOS image file that you want to validate, and drop it onto HashTab. Take note of the SHA256 value that HashTab displays.

Open the file sha256sum.txt.asc with a text editor, such as TextEdit, to display its contents. Make sure the hash displayed by HashTab for each of the downloaded ISO files exactly matches the corresponding hash in the sha256sum.txt.asc file.

To validate the files from the command line, use the shasum command. In order to correctly validate the files, the 256-bit algorithm must be specified. Change into the directory that holds the ISO image files, then run shasum. For example:

cd Desktop
shasum -a 256 CentOS-6.5-x86_64-minimal.iso

If all of the hashes match, you can burn the ISO file to disc. If a file does not match, download it again.

TipsAndTricks/sha256sum (last edited 2016-07-28 09:28:52 by JohnnyHughes)