Terminal command?

camelia · Nov 9, 2017

Hi,

I found somewhere the following terminal command and a keep it because It is useful, but I forgot to add the description of what it does, can someone please remind me what is its purpose?

shasum /Volumes/Install\ macOS\ Sierra/Install\ macOS\ Sierra.app/Contents/SharedSupport/InstallESD.dmg

Thank you
Came

hallux · Nov 9, 2017

Put simply, that checks the MD5 hash on the downloaded file to verify the integrity.

BugHunter · Nov 9, 2017

Also here's an amazing tool for those of us who come across command line things and need a bit of explanation

https://explainshell.com/

Obviously it can only explain the what, not the intent, but I still think it's cool.

camelia · Nov 10, 2017

hallux said:
Put simply, that checks the MD5 hash on the downloaded file to verify the integrity.

Nop, it doesn't check MD5 hash it checks SHA1 Hash, but I still don't understand the path

kschendel · Nov 11, 2017

camelia said:
Nop, it doesn't check MD5 hash it checks SHA1 Hash, but I still don't understand the path

Another way to write the same thing is:

shasum "/Volumes/Install macOS Sierra/Install macOS Sierra.app/Contents/SharedSupport/InstallESD.dmg"

which might make more sense. Whitespace is an argument separator for the shell, so it has to be quoted or backslash-escaped.

camelia · Nov 14, 2017

kschendel said:
Another way to write the same thing is:

shasum "/Volumes/Install macOS Sierra/Install macOS Sierra.app/Contents/SharedSupport/InstallESD.dmg"

which might make more sense. Whitespace is an argument separator for the shell, so it has to be quoted or backslash-escaped.

Nice!

with quotes or without them, what does it hash???

kschendel · Nov 14, 2017

"man shasum" (in Terminal) to see what it does.

camelia · Nov 17, 2017

kschendel said:
"man shasum" (in Terminal) to see what it does.

wow that helps, but I still don't have an idea what is hashing...

whooleytoo · Nov 17, 2017

camelia said:
wow that helps, but I still don't have an idea what is hashing...

Hashes are a bit like a digital fingerprint, using a hashing function you can create a 'hash' for a file, and then display that hash along with the download. It's almost impossible to alter the file (say, to add some malware to it) without changing the fingerprint.

If you download the file, you can use a tool like the one you provided, to check the hash of the file; and compare it with the hash listed on the webpage. If they're exactly the same, it means the file (almost certainly) hasn't been altered. If they're different, it means the file you have has been altered somewhere by someone, and you shouldn't trust it.

In the above case, you're checking what the hash of the Sierra installer (disk image) is. Of course, that's only really useful if you know what the hash should be!

Search

Search

Terminal command?

camelia

macrumors 6502a

hallux

macrumors 68040

BugHunter

macrumors member

camelia

macrumors 6502a

kschendel

macrumors 65816

camelia

macrumors 6502a

kschendel

macrumors 65816

camelia

macrumors 6502a

whooleytoo

macrumors 604

Our Staff