SHA256 (Secure Hash Algorithm 256-bit) is a cryptographic hash function that generates a unique, fixed-length string for a given file. It's commonly used to:
- Verify file integrity: Ensure a downloaded file hasn’t been tampered with.
- Authenticate downloads: Match the provided checksum with the file's checksum.
-
Open the Terminal:
- Use Spotlight (
Cmd + Space) to search for "Terminal" and open it.
- Use Spotlight (
-
Navigate to the File Location:
- Use the
cdcommand to go to the folder containing your file:cd /path/to/your/file
- Use the
-
Run the Checksum Command:
- Replace
yourfilewith the actual filename:shasum -a 256 yourfile
- Example output:
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 yourfile - The long string is the file's SHA256 checksum.
- Replace
-
Compare Checksum Values:
- Match the output with the checksum provided by the file's source to ensure it’s unchanged.
When downloading files using curl, you can verify the integrity of the downloaded file by comparing its checksum with the expected value.
-
Download the File with
curl:- Replace
<url>with the file’s download link:Example:curl -O <url>
curl -O https://example.com/myfile.pkg
- Replace
-
Generate the Checksum:
- Run the same command as above to get the checksum of the downloaded file:
shasum -a 256 myfile.pkg
- Run the same command as above to get the checksum of the downloaded file:
-
Verify the Checksum:
- Compare the output of the command with the checksum provided by the file's source. If the checksums match, the file is intact.
- Download the file:
curl -O https://example.com/software.pkg
- Check the checksum:
shasum -a 256 software.pkg
- Compare with the provided checksum:
- If the checksum provided is
abc123..., ensure the output matches:abc123... software.pkg
- If the checksum provided is