Downloads often display hash values to verify the integrity of the downloaded file. Most often it is a SHA256 value and we look at how we can check it with Windows integrated tools.
Video tutorial
Instruction
Let’s assume we want to download a recent Xubuntu version. The download is made available on many servers. Now we want to check if it is the right file and the file has not been replaced and we may be downloading a malicious version.
On the Xubuntu homepage, in addition to the download link, there is also the checksum in SHA256 format.
By means of this we can check the download.
If we click the link, we will find a very long string, this is the hash value.
c59c3bb825294dbf76fd3a5dfa3fd5de9e854934b7c9aa6258105b6648979cd5 *xubuntu-20.04.2.0-desktop-amd64.iso
By means of this, the download can be verified. We can do this via powershell using windows boot means.
Get-Filehash download-file.iso -Algorithm SHA256
The hash value is determined and output. Afterwards we can compare the value. In our case it matches and we have downloaded the correct file.