Next: sha1sum
: Print or check SHA-1 digests, Previous: b2sum
: Print or check BLAKE2 digests, Up: Summarizing files [Contents][Index]
md5sum
: Print or check MD5 digestsmd5sum
computes a 128-bit checksum (or fingerprint or
message-digest) for each specified file.
Note: The MD5 digest is more reliable than a simple CRC (provided by
the cksum
command) for detecting accidental file corruption,
as the chances of accidentally having two files with identical MD5
are vanishingly small. However, it should not be considered secure
against malicious tampering: although finding a file with a given MD5
fingerprint is considered infeasible at the moment, it is known how
to modify certain files, including digital certificates, so that they
appear valid when signed with an MD5 digest. For more secure hashes,
consider using SHA-2, or the newer b2sum
command.
See sha2 utilities: Print or check SHA-2 digests. See b2sum
: Print or check BLAKE2 digests.
If a file is specified as ‘-’ or if no files are given
md5sum
computes the checksum for the standard input.
md5sum
can also determine whether a file and checksum are
consistent. Synopsis:
md5sum [option]… [file]…
For each file, ‘md5sum’ outputs by default, the MD5 checksum,
a space, a flag indicating binary or text input mode, and the file name.
Binary mode is indicated with ‘*’, text mode with ‘ ’ (space).
Binary mode is the default on systems where it’s significant,
otherwise text mode is the default. The cksum
command always
uses binary mode and a ‘ ’ (space) flag.
Without --zero, if file contains a backslash, newline, or carriage return, the line is started with a backslash, and each problematic character in the file name is escaped with a backslash, making the output unambiguous even in the presence of arbitrary file names.
If file is omitted or specified as ‘-’, standard input is read.
The program accepts the following options. Also see Common options.
Note this option is not supported by the cksum
command,
as it operates in binary mode exclusively.
Treat each input file as binary, by reading it in binary mode and
outputting a ‘*’ flag. This is the inverse of --text.
On systems like GNU that do not distinguish between binary
and text files, this option merely flags each input mode as binary:
the MD5 checksum is unaffected. This option is the default on systems
like MS-DOS that distinguish between binary and text files, except
for reading standard input when standard input is a terminal.
Read file names and checksum information (not data) from each
file (or from standard input if no file was specified) and report
whether the checksums match the contents of the named files.
The input to this mode of md5sum
is usually the output of
a prior, checksum-generating run of ‘md5sum’.
Three input formats are supported. Either the default output format described above, the --tag output format, or the BSD reversed mode format which is similar to the default mode, but doesn’t use a character to distinguish binary and text modes.
For the cksum
command, the --check option
supports auto-detecting the digest algorithm to use,
when presented with checksum information in the --tag output format.
Also for the cksum
command, the --check option
auto-detects the digest encoding, accepting both standard hexidecimal
checksums and those generated via cksum
with its
--base64 option.
Output with --zero enabled is not supported by --check.
For each such line, md5sum
reads the named file and computes its
MD5 checksum. Then, if the computed message digest does not match the
one on the line with the file name, the file is noted as having
failed the test. Otherwise, the file passes the test.
By default, for each valid line, one line is written to standard
output indicating whether the named file passed the test.
After all checks have been performed, if there were any failures,
a warning is issued to standard error.
Use the --status option to inhibit that output.
If any listed file cannot be opened or read, if any valid line has
an MD5 checksum inconsistent with the associated file, or if no valid
line is found, md5sum
exits with nonzero status. Otherwise,
it exits successfully.
Note the cksum
command doesn’t support --check
with the older ‘sysv’, ‘bsd’, or ‘crc’ algorithms.
This option is useful only when verifying checksums. When verifying checksums, don’t fail or report any status for missing files. This is useful when verifying a subset of downloaded files given a larger list of checksums.
This option is useful only when verifying checksums. When verifying checksums, don’t generate an ’OK’ message per successfully checked file. Files that fail the verification are reported in the default one-line-per-file format. If there is any checksum mismatch, print a warning summarizing the failures to standard error.
This option is useful only when verifying checksums. When verifying checksums, don’t generate the default one-line-per-file diagnostic and don’t output the warning summarizing any failures. Failures to open or read a file still evoke individual diagnostics to standard error. If all listed files are readable and are consistent with the associated MD5 checksums, exit successfully. Otherwise exit with a status code indicating there was a failure.
Output BSD style checksums, which indicate the checksum algorithm used.
As a GNU extension, if --zero is not used, file names with problematic
characters are escaped as described above, with the same escaping indicator of
‘\’ at the start of the line, being used.
The --tag option implies binary mode, and is disallowed with
--text mode as supporting that would unnecessarily complicate
the output format, while providing little benefit.
The cksum
command, uses --tag as its default output format.
Note this option is not supported by the cksum
command.
Treat each input file as text, by reading it in text mode and
outputting a ‘ ’ flag. This is the inverse of --binary.
This option is the default on systems like GNU that do not
distinguish between binary and text files. On other systems, it is
the default for reading standard input when standard input is a
terminal. This mode is never defaulted to if --tag is used.
When verifying checksums, warn about improperly formatted MD5 checksum lines. This option is useful only if all but a few lines in the checked input are valid.
When verifying checksums, if one or more input line is invalid, exit nonzero after all warnings have been issued.
Output a zero byte (ASCII NUL) at the end of each line, rather than a newline. This option enables other programs to parse the output even when that output would contain data with embedded newlines. Also file name escaping is not used.
An exit status of zero indicates success, and a nonzero value indicates failure.
Next: sha1sum
: Print or check SHA-1 digests, Previous: b2sum
: Print or check BLAKE2 digests, Up: Summarizing files [Contents][Index]