sha512sum: SHA-512 Checksums for Large Artifacts
sha512sum prints a SHA-512 hash and file name and verifies files with -c, like the other coreutils sum tools.
Many projects publish SHA-512 sums for large release tarballs. sha512sum reads and checks them with the same -c interface as sha256sum.
What it does
sha512sum computes a 512-bit SHA-2 digest, printing HASH FILENAME, and verifies a list with -c. It is cryptographically strong like SHA-256 and often faster on 64-bit CPUs for big files. The hash is 128 hex characters. Part of coreutils.
Common usage
# verify a big tarball against a published sum
sha512sum -c --ignore-missing SHA512SUMS
# verify one inline value
echo "EXPECTED_512 release.tar.xz" | sha512sum -c -
# generate sums for artifacts
sha512sum dist/*.tar.xz > dist/SHA512SUMS
# just the hash, no filename
sha512sum release.tar.xz | cut -d' ' -f1Options
| Flag | What it does |
|---|---|
| -c, --check | Verify files against a SHA-512 list |
| --ignore-missing | Skip listed files that are absent |
| --status | Exit code only, no output |
| --quiet | Only print FAILED lines |
| -b | Binary mode (marks name with *) |
In CI
Verify a downloaded release before extracting it: echo "$SHA512 release.tar.xz" | sha512sum -c - || exit 1. SHA-512 is a good choice for large multi-gigabyte artifacts on 64-bit runners since it can hash faster than SHA-256 there while remaining strong.
Common errors in CI
"release.tar.xz: FAILED" with "sha512sum: WARNING: 1 computed checksum did NOT match" means the bytes differ. "sha512sum: SHA512SUMS: no properly formatted checksum lines found" means the hash name two-space format was mangled (single space, tab, or CRLF endings from a Windows-edited file). A 128-char vs 64-char length mismatch when comparing means you crossed SHA-512 with SHA-256.