1117
Comment: update windows commands to calculate MD5 (and more); rm stale link to window md5 util
|
← Revision 14 as of 2021-03-27 20:00:31 ⇥
1526
add warning per security issues with MD5 (collab w/ bauen1 on #debian-www)
|
Deletions are marked like this. | Additions are marked like this. |
Line 4: | Line 4: |
=== MD5 Security Warning === The security of the MD5 hash algorithm has been severely compromised since at least 2007. <<BR>> https://en.wikipedia.org/wiki/MD5#Security <<BR>> https://infosec.mozilla.org/guidelines/key_management.html#old---do-not-use A more current algorithm should be used instead, such as [[https://wiki.debian.org/Sha256sumsInPackages | SHA256]]. === MD5 Overview === |
MD5 Security Warning
The security of the MD5 hash algorithm has been severely compromised since at least 2007.
https://en.wikipedia.org/wiki/MD5#Security
https://infosec.mozilla.org/guidelines/key_management.html#old---do-not-use
A more current algorithm should be used instead, such as SHA256.
MD5 Overview
MD5 Sums are 32 byte character strings that are the result of running the md5sum program against a particular file. Since it is very hard to find two different files that results in same strings, MD5's can be used to determine that the file or iso you downloaded is a bit-for-bit copy of the remote file or iso.
Verify md5sum using linux:
- md5sum -c linux.iso.md5
Create an md5sum using linux:
md5sum linux.iso > linux.iso.md5
Windows users that need to check the md5sum (e.g. of a Debian ISO file) can use certutil https://superuser.com/a/898377.
certutil -hashfile fooinputfile MD5
certutil -hashfile fooinputfile SHA256
See also: