Menu
I have no idea how to check the integrity of file on Unix/Linux by hashing algorithm,md5. I attent to develope the bash script to check md5 of desired files in each specific folder(include sub folders too) on Linux. So my question is it possible to do? The background is to check the integrity of file before to do change on system.
Thank you for your advicement, Ponomy
885
Integrity checking protects important system files against unauthorized modifications. You can use integrity checking to detect any modifications to protected files and prevent their use, regardless of file system permissions.
Advanced Intrusion Detection Environment (AIDE) is a powerful open source intrusion detection tool that uses predefined rules to check the integrity of files and directories in the Linux operating system. AIDE has its own database to check the integrity of files and directories.
This is quite easy to do! Use the md5sum command.
156
md5sum is not recursive which was specifically requested in his question. Maybe find /path/to/files -type f -print0 | xargs -0 md5sum > checksum.md5 would be sufficient, but I prefer the hashdeep tools.
Use md5deep -r /path/to/files > checksum.md5. Then later on, you can use md5sum -c checksum.md5 | grep -v ' OK$' to check for any changes. Of course, this doesn't detect any newly added files. You could also use sha256deep and sha256sum if you're paranoid. ;-)
You could also use md5deep -rx checksum.md5 /path/to/files to do the check. Alternatively, you could use hashdeep -r /path/to/files > hashes and then hashdeep -ravvk hashes /path/to/files to "audit" the files. I'm not really a fan of the way the hashdeep tools do their checks and audits, but you might think it's great, so there you go. :-)
Of course, none of this checks file meta data (time stamps, ownership, permissions, et cetera). But then you're getting into things like TripWire or AIDE.
28
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
