When you download a Linux ISO file, you may have noticed a checksum near the download link. The checksum is a long list of numbers and letters that don't actually mean anything. The purpose of this checksum is to help you confirm that the file you downloaded is exactly the file you expected, that it hasn't been corrupted by an incomplete download or someone tampering with the file before it gets to you.

There are several ways to verify a file's integrity on Linux. Have a look at the following programs and see which one appeals to you.

1. Hashbrown

hashbrown-checksums-gnome

Many of the most well-established and widely used Linux distributions use the GNOME desktop interface by default. This includes Ubuntu and Fedora. So let's begin with a simple app made for GNOME that requires perhaps the least technical knowledge.

When you first launch Hashbrown, the app tells you what it does and provides you with only one option, to open a file. Once you open a file, you get a view of MD5, SHA-1, SHA-256, and SHA-512 hashes all in one place.

If the numbers match the checksum you were provided with, then you're done. Close the app and be on your way. If you aren't sure, click on the Tools tab and have the app check for you.

Don't know what those different hashing algorithms are? Click the settings cog in the header bar. There you will find an option to view an explanation on Wikipedia. This perhaps isn't the best introduction if you have no idea what hashes are, but at least you have a place to start.

Download: Hashbrown

2. Checksumo

checksumo-checksums-gnome

Checksumo is another app designed for the GNOME desktop. It isn't necessarily any more complicated than Hashbrown, but it does take a different approach that is less immediately intuitive.

Checksumo's window presents three primary functions. First, you will need to open the designated file, such as an ISO image. Then you need to input a hash value. This is the character string a webpage or checksum file provides. When you enter this value, Checksumo will determine for itself whether the hash is MD5, SHA-256, or some other algorithm.

Then hit the Verify button. Checksumo will check the integrity of your file and let you know if the value doesn't match. If it does match, you're good to go.

Download: Checksumo

3. GtkHash

gtkhash-checksums

With GtkHash, you can open a file and verify it right away to see its hash values, or you can paste in a hash value to have the app check for a match for you.

But wait, there's more! You can feed GtkHash a list of files to check and have it verify them all at once. So if you're a distro hopper who likes to download Linux distributions in bulk, this app can help you make speedier work of verifying that all of them are safe. GtkHash is the most powerful and mature option on this list, with plugins that can integrate with various file managers.

Related: Check File Integrity on Linux the Easy Way With GtkHash

GtkHash is a more old-school, desktop-agnostic GTK app. This makes it a good fit for more traditional GTK-based environments such as Cinnamon, MATE, and Xfce.

Thanks to KDE Plasma's top-notch GTK integration, GtkHash won't stand out much there either, though Plasma fans may want to consider the next option first. On that desktop, turns out you don't need to install anything extra to view checksums from your file manager.

Download: GtkHash

4. KDE Dolphin

kde-dolphin-checksums

In KDE Plasma, you don't need to download a full-blown dedicated app to verify a file's integrity, and you don't need to open a terminal either. All you need to do is right-click the file in question and open the Properties window. Then click over to the Checksums tab. Everything you need is likely there.

Dolphin lets you generate hashes and compare them manually, or you can paste a checksum to verify your file against. It supports a number of hashing algorithms.

You don't need to use Plasma to enjoy Dolphin, as you can download the file manager on other desktop environments. That's a bit much if you only want to verify checksums, but Dolphin is simply one of the most powerful file managers for Linux. That means there are plenty of reasons to give it some thought.

5. Hasher

hasher-elementary-os-checksum

If you use elementary OS, the aforementioned apps will work just fine, but you may want something designed specifically for your desktop. Look no further than Hasher. This app is available from AppCenter, and in contrast to many elementary apps, it's as feature-rich as the other options on this list.

Hasher has three primary functions: Hashes, Compare, and Verify. Hashes simply displays the hash value of a particular file, using your choice of algorithm. Compare lets you compare two files directly, such as an ISO file you downloaded from a server and one you downloaded as a torrent. Verify lets you compare a file to a hash value that you copy and paste from elsewhere.

You don't need elementary OS to use Hasher. AppCenter apps are available for any Linux desktop in the universal Flatpak format, just like apps from Flathub. Hasher's design, which lacks a header bar, can also make the app feel somewhat platform-neutral.

Download: Hasher

6. The Linux Command Line

Many people find the command line intimidating, but once you grow comfortable with it, it's hard to beat. The command line is fast, and it's available regardless of which version of Linux you use. There are various commands you could learn, but to keep things simple, let's focus on two: md5sum and sha256sum.

These two programs are functionally identical and differ in the hashing algorithm that they use, with both likely coming pre-installed on your distro. Their structure is simple. Simply type the command followed by the path to the file you wish to generate a hash for. For example: 

        sha256sum debian-live-11.0.0-amd64-gnome.iso

You can type the path to your file manually, but many Linux terminals allow you to drag and drop the file from the file manager directly into the terminal window. If you want to explore more features, you can do so by reading the man page for either program, such as by typing: 

        man sha256sum

Do You Feel Safer on Linux?

Checking a file's integrity is a good habit to get into, especially if you download Linux distros from locations other than their official websites. But keep in mind that verifying the checksum doesn't guarantee that a file is safe.

For example, someone who hacks a website and changes the ISO file to a compromised version can easily update the checksum file or value to match that of the compromised file. Simply consider this another tool in your belt as you work to keep your digital life secure.