display file checksums and block counts
cksum utility writes to the standard output a single
line for each input file. The format of this line varies with the algorithm
being used as follows:
- The output line consists of three whitespace separated fields: a CRC
checksum, the number of octets in the input, and name of the file or
string. If no file name is specified, the standard input is used and no
file name is written.
- all others
- The output line consists of four whitespace separated fields: the name of
the algorithm used, the name of the file or string in parentheses, an
equals sign, and the cryptographic hash of the input. If no file name is
specified, the standard input is used and only the cryptographic hash is
The options are as follows:
- Use the specified algorithm(s) instead of the default (cksum). Supported
algorithms include cksum, md5, rmd160, sha1, sha224, sha256, sha384,
sha512/256, and sha512. Multiple algorithms may be specified, separated by
a comma or whitespace. Additionally, multiple
options may be specified on the command line. Case is ignored when
matching algorithms. The output format may be specified on a per-algorithm
basis by using a single-character suffix, e.g. “sha256b”. If
the algorithm has a ‘b’ suffix, the checksum will be output
in base64 format. If the algorithm has an ‘x’ suffix, the
checksum will be output in hex format. If an algorithm with the same
output format is repeated, only the first instance is used. Note that
output format suffixes are not supported for the cksum algorithm.
- Output checksums in base64 notation, not hexadecimal by default. A
‘b’ or ‘x’ suffix on the algorithm will
override this default. This option is ignored for the cksum
- Compare the checksum of each file against the
checksums in the checklist. Any specified
file that is not listed in the
checklist will generate an error.
- If this option is specified, the file options become
checklists. Each checklist should contain hash results in the normal
format, which will be verified against the specified paths. Output
consists of the digest used, the file name, and an OK, FAILED, or MISSING
for the result of the comparison. This will validate any of the supported
checksums. If no file is given, stdin is used. The
-c option may not be used in conjunction with more
than a single
- Place the checksum into hashfile instead of
- Echoes stdin to stdout and appends the checksum to stdout.
- Only print the checksum (quiet mode) or if used in conjunction with the
-c flag, only print the failed cases.
- Reverse the format of the hash algorithm output, making it match the
checksum output format.
- Prints a checksum of the given string.
- Runs a built-in time trial. Specifying
times results in the number of rounds being multiplied by 10 for each
- Runs a built-in test script.
The default CRC used is based on the polynomial used for CRC error
checking in the networking standard ISO/IEC 8802-3:1996. The other available
algorithms are described in their respective man pages in section 3 of the
cksum utility exits 0 on success,
and >0 if an error occurs.
The default calculation is identical to that given in pseudo-code
in the following ACM article:
Dilip V. Sarwate,
Computation of Cyclic Redundancy Checks Via Table
Lookup, Communications of the ACM,
cksum utility is compliant with the
IEEE Std 1003.1-2008 (“POSIX.1”)
All the flags are extensions to that specification.
cksum utility appeared in
Do not use the cksum or md5 algorithms to verify file integrity. An attacker can
trivially produce modified payload that has the same checksum as the original
version. Use a cryptographic checksum instead.