“UbuntuHelp:HowToMD5SUM”的版本间的差异
来自Ubuntu中文
小 |
小 |
||
| 第3行: | 第3行: | ||
The program '''''md5sum''''' is designed to verify data integrity using the MD5 (Message-Digest algorithm 5) 128-bit cryptographic hash. MD5 hashes used properly can confirm both file integrity and authenticity. | The program '''''md5sum''''' is designed to verify data integrity using the MD5 (Message-Digest algorithm 5) 128-bit cryptographic hash. MD5 hashes used properly can confirm both file integrity and authenticity. | ||
In terms of integrity, an MD5 hash comparison detects changes in files that would cause errors. The possibility of changes (errors) is proportional to the size of the file; the possibility of errors increase as the file becomes larger. It is a very good idea to run an MD5 hash comparison check when you have a file like an operating system install CD that has to be 100% correct. | In terms of integrity, an MD5 hash comparison detects changes in files that would cause errors. The possibility of changes (errors) is proportional to the size of the file; the possibility of errors increase as the file becomes larger. It is a very good idea to run an MD5 hash comparison check when you have a file like an operating system install CD that has to be 100% correct. | ||
| − | In terms of security, cryptographic hashes such as MD5 allow for authentication of data obtained from insecure mirrors. The MD5 hash must be signed or come from a secure source (an HTTPS page) of an organization you trust. | + | In terms of security, cryptographic hashes such as MD5 allow for authentication of data obtained from insecure mirrors. The MD5 hash must be signed or come from a secure source (an HTTPS page) of an organization you trust. |
See the MD5SUMS file for the release you're using under http://releases.ubuntu.com (and optionally the [[UbuntuHelp:GnuPrivacyGuardHowto|PGP]] signatures in the MD5SUMS.gpg file), or refer to the secure [[UbuntuHelp:UbuntuHashes|UbuntuHashes]] page for the official list of Ubuntu MD5 hashes. | See the MD5SUMS file for the release you're using under http://releases.ubuntu.com (and optionally the [[UbuntuHelp:GnuPrivacyGuardHowto|PGP]] signatures in the MD5SUMS.gpg file), or refer to the secure [[UbuntuHelp:UbuntuHashes|UbuntuHashes]] page for the official list of Ubuntu MD5 hashes. | ||
| − | While security flaws in the MD5 algorithm have been uncovered, MD5 hashes are still useful when you trust the organization that produces them. Moving to more secure hashes like SHA-256 and Whirlpool is under discussion. | + | While security flaws in the MD5 algorithm have been uncovered, MD5 hashes are still useful when you trust the organization that produces them. Moving to more secure hashes like SHA-256 and Whirlpool is under [https://bugs.launchpad.net/ubuntu-website/+bug/245953 discussion]. |
== md5sum == | == md5sum == | ||
| − | The official '''md5sum page''' for Ubuntu, Kubuntu, Edubuntu and Xubuntu is [[UbuntuHelp:UbuntuHashes|UbuntuHashes]]. | + | The official '''md5sum page''' for Ubuntu, Kubuntu, Edubuntu and Xubuntu is [[UbuntuHelp:UbuntuHashes|UbuntuHashes]]. |
<<Anchor(linux)>> | <<Anchor(linux)>> | ||
== MD5SUM on Linux == | == MD5SUM on Linux == | ||
| − | Most Linux distributions come with the <code><nowiki>md5sum</nowiki></code> utility so installation is usually unnecessary. We are going to use the Ubuntu | + | Most Linux distributions come with the <code><nowiki>md5sum</nowiki></code> utility so installation is usually unnecessary. We are going to use the Ubuntu 8.10 [[UbuntuHelp:LiveCD|LiveCD]] for the following example: |
First go to the correct directory to check a downloaded ''iso'' file: | First go to the correct directory to check a downloaded ''iso'' file: | ||
<pre><nowiki> | <pre><nowiki> | ||
| 第16行: | 第16行: | ||
Then run the following command from within the download directory. | Then run the following command from within the download directory. | ||
<pre><nowiki> | <pre><nowiki> | ||
| − | md5sum ubuntu-8. | + | md5sum ubuntu-8.10-desktop-i386.iso</nowiki></pre> |
The md5sum should print out a single line after calculating the hash: | The md5sum should print out a single line after calculating the hash: | ||
<pre><nowiki> | <pre><nowiki> | ||
| − | + | 24ea1163ea6c9f5dae77de8c49ee7c03 ubuntu-8.10-desktop-i386.iso</nowiki></pre> | |
Compare the hash (the alphanumeric string on left) that your machine calculated with the corresponding hash on the [[UbuntuHelp:UbuntuHashes|UbuntuHashes]] page. When both hashes match exactly then the downloaded file is almost certainly intact. If the hashes do not match, then there was a problem with either the download or a problem with the server. You should download the file again from either the same mirror, or from a different mirror if you suspect a server error. If you continuously receive an erroneous file from a server, please be kind and notify the webmaster of that mirror so they can investigate the issue. | Compare the hash (the alphanumeric string on left) that your machine calculated with the corresponding hash on the [[UbuntuHelp:UbuntuHashes|UbuntuHashes]] page. When both hashes match exactly then the downloaded file is almost certainly intact. If the hashes do not match, then there was a problem with either the download or a problem with the server. You should download the file again from either the same mirror, or from a different mirror if you suspect a server error. If you continuously receive an erroneous file from a server, please be kind and notify the webmaster of that mirror so they can investigate the issue. | ||
| − | If you have the correct md5sum in a file in the same directory as the iso, you can then check the md5sum semi-automatically with md5sum. You will typically find the md5sum file on the download page where you obtained your iso. Ubuntu distributes the md5sums in a file "MD5SUMS" on this file is on the download page. | + | If you have the correct md5sum in a file in the same directory as the iso, you can then check the md5sum semi-automatically with md5sum. You will typically find the md5sum file on the download page where you obtained your iso. Ubuntu distributes the md5sums in a file "MD5SUMS" on this file is on the download page. |
<pre><nowiki> | <pre><nowiki> | ||
md5sum -c MD5SUMS | md5sum -c MD5SUMS | ||
| 第27行: | 第27行: | ||
== MD5SUM on Mac OS X == | == MD5SUM on Mac OS X == | ||
Follow the instructions for [[UbuntuHelp:[linux|MD5SUM on Linux]]], except use the command "md5" instead of "md5sum". | Follow the instructions for [[UbuntuHelp:[linux|MD5SUM on Linux]]], except use the command "md5" instead of "md5sum". | ||
| − | You can also find the MD5 hash using OS X's built in Disk Utility program. You can find it in the Utilities folder in Applications, or by choosing "Utilities" from the Finder's "Go" menu. Open Disk Utility and wait for it to gather information about your disks. Go to the directory where you downloaded the Ubuntu disk image, and drag it to Disk Utility's dock icon. For this example we'll be checking the Ubuntu | + | You can also find the MD5 hash using OS X's built in Disk Utility program. You can find it in the Utilities folder in Applications, or by choosing "Utilities" from the Finder's "Go" menu. Open Disk Utility and wait for it to gather information about your disks. Go to the directory where you downloaded the Ubuntu disk image, and drag it to Disk Utility's dock icon. For this example we'll be checking the Ubuntu 8.10 Desktop install CD. The disk image should show up on the left-hand side of Disk Utility, underneath your physical drives. Go to the "Images" menu and select Checksum > MD5. Be sure to choose "MD5" and NOT "MD5 image checksum", as they are not the same and will give you different results. Disk Utility will return, in this case, <code><nowiki>"Checksum of "ubuntu-8.10-desktop-i386.iso" completed. MD5 24ea1163ea6c9f5dae77de8c49ee7c03"</nowiki></code> Compare the MD5 Disk Utility gives you with the corresponding hash on the [[UbuntuHelp:UbuntuHashes|UbuntuHashes]] page. When both hashes match exactly then the downloaded file is almost certainly intact. |
If the hashes do not match, then there was a problem with either the download or a problem with the server. You should download the file again from either the same mirror, or from a different mirror if you suspect a server error. If you continuously receive an erroneous file from a server, please be kind and notify the webmaster of that mirror so they can investigate the issue. | If the hashes do not match, then there was a problem with either the download or a problem with the server. You should download the file again from either the same mirror, or from a different mirror if you suspect a server error. If you continuously receive an erroneous file from a server, please be kind and notify the webmaster of that mirror so they can investigate the issue. | ||
== digest(1) on Solaris == | == digest(1) on Solaris == | ||
Use the Solaris digest(1) command, specifying the md5 algorithm with the -a flag. For instance: | Use the Solaris digest(1) command, specifying the md5 algorithm with the -a flag. For instance: | ||
<pre><nowiki> | <pre><nowiki> | ||
| − | $ digest -a md5 ubuntu- | + | $ digest -a md5 ubuntu-8.10-desktop-i386.iso |
| − | + | 24ea1163ea6c9f5dae77de8c49ee7c03</nowiki></pre> | |
== MD5SUM on Windows == | == MD5SUM on Windows == | ||
Windows does not come with '''''md5sum'''''. You must download one from another location, preferably one that you trust. There are command line utilities (<code><nowiki>md5sum.exe</nowiki></code>) that work similarly to the Unix utility; one public domain version with source is available from [http://www.fourmilab.ch/md5/ Fourmilab], but the version available from [http://cygwin.com/ Cygwin] is probably easier to install and update, and Cygwin is also recommended and trusted as the source for many more Unixy utilities. Once installed, Cygwin's '''''md5sum''''' behaves exactly as described in '''''MD5SUM on Linux''''' above. | Windows does not come with '''''md5sum'''''. You must download one from another location, preferably one that you trust. There are command line utilities (<code><nowiki>md5sum.exe</nowiki></code>) that work similarly to the Unix utility; one public domain version with source is available from [http://www.fourmilab.ch/md5/ Fourmilab], but the version available from [http://cygwin.com/ Cygwin] is probably easier to install and update, and Cygwin is also recommended and trusted as the source for many more Unixy utilities. Once installed, Cygwin's '''''md5sum''''' behaves exactly as described in '''''MD5SUM on Linux''''' above. | ||
| 第47行: | 第47行: | ||
<ol><li>A message box will say "MD5 Check Sums are the same" if the hashes are equal.</li></ol> | <ol><li>A message box will say "MD5 Check Sums are the same" if the hashes are equal.</li></ol> | ||
| − | |||
| − | |||
| − | |||
== MD5SUM on CD == | == MD5SUM on CD == | ||
To see if your Ubuntu CD was corrupted when burned to the disk, see the [[UbuntuHelp:CDIntegrityCheck|CDIntegrityCheck]] page, or follow the instructions below. | To see if your Ubuntu CD was corrupted when burned to the disk, see the [[UbuntuHelp:CDIntegrityCheck|CDIntegrityCheck]] page, or follow the instructions below. | ||
| 第64行: | 第61行: | ||
cd / | cd / | ||
sudo umount /dev/hda</nowiki></pre> | sudo umount /dev/hda</nowiki></pre> | ||
| + | == MD5SUM of burnt media == | ||
| + | Depending on how you burn your ISOs you can check the burnt media directly. Start by checking that the ISO file is correct: | ||
| + | <pre><nowiki> | ||
| + | $ grep ubuntu-8.10-desktop-i386.iso MD5SUMS | tee /proc/self/fd/2 | md5sum --check - | ||
| + | 24ea1163ea6c9f5dae77de8c49ee7c03 *ubuntu-8.10-desktop-i386.iso | ||
| + | ubuntu-8.10-desktop-i386.iso: OK | ||
| + | </nowiki></pre> | ||
| + | Now burn it from Nautilus (right-click, "Write to Disc ..."). To check the media directly: | ||
| + | <pre><nowiki> | ||
| + | $ md5sum /dev/cdrom | ||
| + | 24ea1163ea6c9f5dae77de8c49ee7c03 /dev/cdrom | ||
| + | </nowiki></pre> | ||
| + | where "/dev/cdrom" is typically a soft-link to your CD/DVD reader/burner. Note that the checksum matches. | ||
== External Links == | == External Links == | ||
* [http://en.wikipedia.org/wiki/Cryptographic_hash_function Wikipedia's Cryptographic Hash Entry] | * [http://en.wikipedia.org/wiki/Cryptographic_hash_function Wikipedia's Cryptographic Hash Entry] | ||
[[UbuntuHelp:VerifyIsoHowto|VerifyIsoHowto]] | [[UbuntuHelp:VerifyIsoHowto|VerifyIsoHowto]] | ||
| − | |||
| − | |||
[[category:UbuntuHelp]] | [[category:UbuntuHelp]] | ||
2009年5月12日 (二) 17:12的版本
 |
点击翻译: |
English |
请不要直接编辑翻译本页,本页将定期与来源同步。 |
The program md5sum is designed to verify data integrity using the MD5 (Message-Digest algorithm 5) 128-bit cryptographic hash. MD5 hashes used properly can confirm both file integrity and authenticity. In terms of integrity, an MD5 hash comparison detects changes in files that would cause errors. The possibility of changes (errors) is proportional to the size of the file; the possibility of errors increase as the file becomes larger. It is a very good idea to run an MD5 hash comparison check when you have a file like an operating system install CD that has to be 100% correct. In terms of security, cryptographic hashes such as MD5 allow for authentication of data obtained from insecure mirrors. The MD5 hash must be signed or come from a secure source (an HTTPS page) of an organization you trust. See the MD5SUMS file for the release you're using under http://releases.ubuntu.com (and optionally the PGP signatures in the MD5SUMS.gpg file), or refer to the secure UbuntuHashes page for the official list of Ubuntu MD5 hashes. While security flaws in the MD5 algorithm have been uncovered, MD5 hashes are still useful when you trust the organization that produces them. Moving to more secure hashes like SHA-256 and Whirlpool is under discussion.
目录
md5sum
The official md5sum page for Ubuntu, Kubuntu, Edubuntu and Xubuntu is UbuntuHashes. <<Anchor(linux)>>
MD5SUM on Linux
Most Linux distributions come with the md5sum utility so installation is usually unnecessary. We are going to use the Ubuntu 8.10 LiveCD for the following example:
First go to the correct directory to check a downloaded iso file:
cd download_directory
Then run the following command from within the download directory.
md5sum ubuntu-8.10-desktop-i386.iso
The md5sum should print out a single line after calculating the hash:
24ea1163ea6c9f5dae77de8c49ee7c03 ubuntu-8.10-desktop-i386.iso
Compare the hash (the alphanumeric string on left) that your machine calculated with the corresponding hash on the UbuntuHashes page. When both hashes match exactly then the downloaded file is almost certainly intact. If the hashes do not match, then there was a problem with either the download or a problem with the server. You should download the file again from either the same mirror, or from a different mirror if you suspect a server error. If you continuously receive an erroneous file from a server, please be kind and notify the webmaster of that mirror so they can investigate the issue. If you have the correct md5sum in a file in the same directory as the iso, you can then check the md5sum semi-automatically with md5sum. You will typically find the md5sum file on the download page where you obtained your iso. Ubuntu distributes the md5sums in a file "MD5SUMS" on this file is on the download page.
md5sum -c MD5SUMS
MD5SUM on Mac OS X
Follow the instructions for [[UbuntuHelp:[linux|MD5SUM on Linux]]], except use the command "md5" instead of "md5sum".
You can also find the MD5 hash using OS X's built in Disk Utility program. You can find it in the Utilities folder in Applications, or by choosing "Utilities" from the Finder's "Go" menu. Open Disk Utility and wait for it to gather information about your disks. Go to the directory where you downloaded the Ubuntu disk image, and drag it to Disk Utility's dock icon. For this example we'll be checking the Ubuntu 8.10 Desktop install CD. The disk image should show up on the left-hand side of Disk Utility, underneath your physical drives. Go to the "Images" menu and select Checksum > MD5. Be sure to choose "MD5" and NOT "MD5 image checksum", as they are not the same and will give you different results. Disk Utility will return, in this case, "Checksum of "ubuntu-8.10-desktop-i386.iso" completed. MD5 24ea1163ea6c9f5dae77de8c49ee7c03" Compare the MD5 Disk Utility gives you with the corresponding hash on the UbuntuHashes page. When both hashes match exactly then the downloaded file is almost certainly intact.
If the hashes do not match, then there was a problem with either the download or a problem with the server. You should download the file again from either the same mirror, or from a different mirror if you suspect a server error. If you continuously receive an erroneous file from a server, please be kind and notify the webmaster of that mirror so they can investigate the issue.
digest(1) on Solaris
Use the Solaris digest(1) command, specifying the md5 algorithm with the -a flag. For instance:
$ digest -a md5 ubuntu-8.10-desktop-i386.iso 24ea1163ea6c9f5dae77de8c49ee7c03
MD5SUM on Windows
Windows does not come with md5sum. You must download one from another location, preferably one that you trust. There are command line utilities (md5sum.exe) that work similarly to the Unix utility; one public domain version with source is available from Fourmilab, but the version available from Cygwin is probably easier to install and update, and Cygwin is also recommended and trusted as the source for many more Unixy utilities. Once installed, Cygwin's md5sum behaves exactly as described in MD5SUM on Linux above.
There are also graphical tools such as the one used in the walk-through provided below.
- Download and install winMD5Sum, a free and open source hash verification program.
- Right-click the ISO file.
- Click Send To, then `winMD5Sum`.
- Wait for `winMD5Sum` to load and finish the checksum (this may take a significant amount of time depending on your computer's performance).
- Copy the corresponding hash from UbuntuHashes into the bottom text box.
- Click "Compare"
- A message box will say "MD5 Check Sums are the same" if the hashes are equal.
MD5SUM on CD
To see if your Ubuntu CD was corrupted when burned to the disk, see the CDIntegrityCheck page, or follow the instructions below. First mount the CD, if not already mounted:
sudo mount /dev/hda /cdrom
Then use the supplied md5sum file on the CD:
cd /cdrom md5sum -c md5sum.txt | grep -v 'OK$'
Be patient, it takes some time. If the command outputs any errors, you'll know that either the burn was bad or the .iso is corrupt. Please note that this method does not verify authenticity unless the hash of the iso file is compared to the hash at the secure UbuntuHashes page. Finally, you can unmount the CD after leaving the folder:
cd / sudo umount /dev/hda
MD5SUM of burnt media
Depending on how you burn your ISOs you can check the burnt media directly. Start by checking that the ISO file is correct:
$ grep ubuntu-8.10-desktop-i386.iso MD5SUMS | tee /proc/self/fd/2 | md5sum --check - 24ea1163ea6c9f5dae77de8c49ee7c03 *ubuntu-8.10-desktop-i386.iso ubuntu-8.10-desktop-i386.iso: OK
Now burn it from Nautilus (right-click, "Write to Disc ..."). To check the media directly:
$ md5sum /dev/cdrom 24ea1163ea6c9f5dae77de8c49ee7c03 /dev/cdrom
where "/dev/cdrom" is typically a soft-link to your CD/DVD reader/burner. Note that the checksum matches.
