I am running an older system for which I cannot find sha1sum anywhere. Can you please add md5sum to the Downloads page for those of us for whom sha1sum is not available?
Thank you!
Re: Confirming Image Integrity
FORUM TIP: To view someone's posting history, sign in, click on their user name, then on "Search User's Posts." || Running ArchLinuxArm on Model 2B and 512MB Model B
-
Joe Schmoe
- Posts: 4277
- Joined: Sun Jan 15, 2012 1:11 pm
Re: Confirming Image Integrity
Two comments:
1) I ran into this exact problem (wanting to use the sha checksum thing on a Linux box that didn't have it installed). But I just Googled around and found the source code and compiled it. That is the usual solution to this sort of problem in the Linux world. If you want further help, let me know.
2) (Somewhat off topic to your post, but relevant nonetheless) I've suggested that people should try to boot up the SD card under QEMU - as a way of verifying that the card is OK.
1) I ran into this exact problem (wanting to use the sha checksum thing on a Linux box that didn't have it installed). But I just Googled around and found the source code and compiled it. That is the usual solution to this sort of problem in the Linux world. If you want further help, let me know.
2) (Somewhat off topic to your post, but relevant nonetheless) I've suggested that people should try to boot up the SD card under QEMU - as a way of verifying that the card is OK.
And some folks need to stop being fanboys and see the forest behind the trees.
(One of the best lines I've seen on this board lately)
(One of the best lines I've seen on this board lately)
Re: Confirming Image Integrity
All I have is a PDA and I cannot compile any source code. There are bound to be other people who for one reason or another cannot run sha1sum. It makes more sense to me, to just provide the md5sums for the official distributions, rather than make people wanting to check their downloads jump through lots of unnecessary hoops. I recall there is a third utility for some systems, maybe it is called checksum, and that could be added as well, all I know is that md5sum is the classic tool for Linux.
FORUM TIP: To view someone's posting history, sign in, click on their user name, then on "Search User's Posts." || Running ArchLinuxArm on Model 2B and 512MB Model B
Re: Confirming Image Integrity
Or just don't bother checking it?
Principal Software Engineer at Raspberry Pi (Trading) Ltd.
Contrary to popular belief, humorous signatures are allowed.
I've been saying "Mucho" to my Spanish friend a lot more lately. It means a lot to him.
Contrary to popular belief, humorous signatures are allowed.
I've been saying "Mucho" to my Spanish friend a lot more lately. It means a lot to him.
-
grumpyoldgit
- Posts: 1452
- Joined: Thu Jan 05, 2012 12:20 pm
Re: Confirming Image Integrity
I would agree. I've generally found that the best test for a downloaded zip file is that it doesn't unzip properly.
Re: Confirming Image Integrity
sdjf said:
all I know is that md5sum is the classic tool for Linux.
sha1sum has been in GNU coreutils (formerly textutils) for at least ten years and in busybox for over seven.
A long shot, since it sounds like you are on a very constrained platform, but you could also try "openssl sha1 < IMAGE". There may be some proprietary systems where openssl is available and sha1sum is not.
There is little benefit to providing weaker or non-crytographic hashes such as md5sum, or sum, cksum. The main purpose of the SHA-1 is to protect you from rogue mirrors, not download errors. The decompression program will detect the latter.
(Arguably we should be moving to the SHA-2 functions by now.)
all I know is that md5sum is the classic tool for Linux.
sha1sum has been in GNU coreutils (formerly textutils) for at least ten years and in busybox for over seven.
A long shot, since it sounds like you are on a very constrained platform, but you could also try "openssl sha1 < IMAGE". There may be some proprietary systems where openssl is available and sha1sum is not.
There is little benefit to providing weaker or non-crytographic hashes such as md5sum, or sum, cksum. The main purpose of the SHA-1 is to protect you from rogue mirrors, not download errors. The decompression program will detect the latter.
(Arguably we should be moving to the SHA-2 functions by now.)