Sha256 comparison different by one character

hello, this might be a stupid question, but i’ve downloaded lubuntu 24.04, it says
to verify the integrity of the file, the link on the site gives:
f7ed99b368e00ab7f3fa2c05cefd912f43fc19a8ab9d4d241432d7d9e97e3491 *lubuntu-24.04-desktop-amd64.iso

i’ve seen on this forum that i need to type:
sha256sum lubuntu-24.04-desktop-amd64.iso

which gives:
f7ed99b368e00ab7f3fa2c05cefd912f43fc19a8ab9d4d241432d7d9e97e3491 lubuntu-24.04-desktop-amd64.iso

now, this two lines seems identical, except the * before the lubuntu-24.04-desktop-amd64.iso

does that mean that the file is invalid? or is it just the string before that that matters?

The file name should not be part of the hash/checksum. I think the web page that has this as you’ve put in your post was just formatted this way to maybe distinguish between the hash and the file the hash is for.

If everything before the file name (also can ignore the * character) is the same, then you should be good.

Maybe in the future they’ll make it a table or just separate the two strings with a new line to make it perhaps a bit more clearer but I think you’re fine if the actual hash strings match.

This topic was automatically closed 60 minutes after the last reply. New replies are no longer allowed.

Read the manpage for sha256sum and I think you’ll find a more definitive answer.

First, one should note that there are different modes to reading input, with text mode being the default:

       -b, --binary
              read in binary mode

       -c, --check
              read checksums from the FILEs and check them

       -t, --text
              read in text mode (default)

Then if we read farther down, we see that the standard output does use an asterisk to indicate binary mode, at least when some cases:

       The default mode is to print  a  line  with:  checksum,  a
       space,  a character indicating input mode ('*' for binary, ' ' for text or where binary is
       insignificant), and name for each FILE.

What’s more interesting is that the two modes don’t really matter, apparently:

       Note: There is no difference between binary mode and text mode on GNU systems.

Despite this, apparently when Ubuntu calculates the sums, they explicitly use binary mode to create the SHA256SUMS file.

Regardless of how you run it, the end result is the same and the time to do the hash calculation is virtually identical. This is with an old oracular ISO I had laying around so don’t worry too much about the actual hash value:

$ time sha256sum oracular-desktop-amd64.iso ### text mode by default
536d55d28c94796733cf1099314d34fe790e58175dda3583056bb8f22af7e93d  oracular-desktop-amd64.iso

real    0m16.484s
user    0m15.762s
sys     0m0.672s

$ time sha256sum -t oracular-desktop-amd64.iso ### explicit text mode
536d55d28c94796733cf1099314d34fe790e58175dda3583056bb8f22af7e93d  oracular-desktop-amd64.iso

real    0m16.583s
user    0m15.862s
sys     0m0.524s

$ time sha256sum -b oracular-desktop-amd64.iso ### explicit binary mode
536d55d28c94796733cf1099314d34fe790e58175dda3583056bb8f22af7e93d *oracular-desktop-amd64.iso

real    0m16.548s
user    0m15.876s
sys     0m0.407s

And to put a fine point on it, you can actually use the SHA256SUMS file to check the validity of the file:

sha256sum -c SHA256SUMS

In your case, this would produce the following output:

lubuntu-24.04-desktop-amd64.iso: OK

If it were invalid, you would instead see:

lubuntu-24.04-desktop-amd64.iso: FAILED
sha256sum: WARNING: 1 computed checksum did NOT match

Interestingly, you can take that file and replace the asterisk with a space and get the same end result. In fact, you can even remove that whole character that exists between the file name and the space after the hash value and still get the same result.