Mac OS X: Command Line checksum - md5, sha1 and sha56

July 21, 2017

I’m often using MacOS X to verify checksum of files I’ve downloaded from the interwebs, such as .iso files.  I seem to quickly forget the simple commands that allow me to check files against 3 different types of hashes or checksums.  The commands should be similar when using a linux or unix variant.

Let’s say I want to burn an ISO to a usb drive for my new favorite linux distro, Kali Linux.  I first download the ISO file, such as, and save it to my hard drive, in the Downloads folder. As you can see, I prefer the MATE desktop and downloaded that one for this exercise.

I also would grab any checksum files if they were provided.  In the case of Kali, they provide the sha256 checksum on their downloads page, as shown in the screenshot below.

Whichever the case, I can use the appropriate command line checksum tool.

  • To get an MD5 checksum:

    md5 ~/Downloads/kali-linux-mate-2017.1-amd64.iso
  • To get a SHA1 checksum:

    shasum -a 1 ~/Downloads/kali-linux-mate-2017.1-amd64.iso
  • OR -

    shasum ~/Downloads/kali-linux-mate-2017.1-amd64.iso
  • Calculate SHA-256 checksum:

    shasum -a 256 ~/Downloads/kali-linux-mate-2017.1-amd64.iso

Since Kali gave us a sha256, let’s see what output that command generates.

Weedle:Downloads jware$ shasum -a 256 kali-linux-mate-2017.1-amd64.iso


3ea748aa8c5f50d80f020acdbca5f0398ee90242bb4413c12985e1865186ca9e kali-linux-mate-2017.1-amd64.iso

As you can see, the checksum matches that provided by the Kali Linux website. This confirms that the downloaded ISO is actually from Kali Linux and the download link wasn’t intercepted.

These are the 3 versions of the command I use most often on the mac. If you have different experience, please post comments or a link to better commands, please post below. I’ve built my career off learning from people a lot smarter than me.