Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

camelia

macrumors 6502a
Original poster
Apr 3, 2015
714
123
Mexico City
Hi,

I found somewhere the following terminal command and a keep it because It is useful, but I forgot to add the description of what it does, can someone please remind me what is its purpose?

shasum /Volumes/Install\ macOS\ Sierra/Install\ macOS\ Sierra.app/Contents/SharedSupport/InstallESD.dmg

Thank you
Came
 

hallux

macrumors 68040
Apr 25, 2012
3,439
1,005
Put simply, that checks the MD5 hash on the downloaded file to verify the integrity.
 

kschendel

macrumors 65816
Dec 9, 2014
1,297
573
Nop, it doesn't check MD5 hash it checks SHA1 Hash, but I still don't understand the path

Another way to write the same thing is:

shasum "/Volumes/Install macOS Sierra/Install macOS Sierra.app/Contents/SharedSupport/InstallESD.dmg"

which might make more sense. Whitespace is an argument separator for the shell, so it has to be quoted or backslash-escaped.
 
  • Like
Reactions: camelia and hwojtek

camelia

macrumors 6502a
Original poster
Apr 3, 2015
714
123
Mexico City
Another way to write the same thing is:

shasum "/Volumes/Install macOS Sierra/Install macOS Sierra.app/Contents/SharedSupport/InstallESD.dmg"

which might make more sense. Whitespace is an argument separator for the shell, so it has to be quoted or backslash-escaped.

Nice! :) with quotes or without them, what does it hash???
 

whooleytoo

macrumors 604
Aug 2, 2002
6,607
716
Cork, Ireland.
wow that helps, but I still don't have an idea what is hashing...

Hashes are a bit like a digital fingerprint, using a hashing function you can create a 'hash' for a file, and then display that hash along with the download. It's almost impossible to alter the file (say, to add some malware to it) without changing the fingerprint.

If you download the file, you can use a tool like the one you provided, to check the hash of the file; and compare it with the hash listed on the webpage. If they're exactly the same, it means the file (almost certainly) hasn't been altered. If they're different, it means the file you have has been altered somewhere by someone, and you shouldn't trust it.

In the above case, you're checking what the hash of the Sierra installer (disk image) is. Of course, that's only really useful if you know what the hash should be! :)
 
  • Like
Reactions: camelia
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.