Skip to content
Latchkey

sha512sum: SHA-512 Checksums for Large Artifacts

sha512sum prints a SHA-512 hash and file name and verifies files with -c, like the other coreutils sum tools.

Many projects publish SHA-512 sums for large release tarballs. sha512sum reads and checks them with the same -c interface as sha256sum.

What it does

sha512sum computes a 512-bit SHA-2 digest, printing HASH FILENAME, and verifies a list with -c. It is cryptographically strong like SHA-256 and often faster on 64-bit CPUs for big files. The hash is 128 hex characters. Part of coreutils.

Common usage

Terminal
# verify a big tarball against a published sum
sha512sum -c --ignore-missing SHA512SUMS
# verify one inline value
echo "EXPECTED_512  release.tar.xz" | sha512sum -c -
# generate sums for artifacts
sha512sum dist/*.tar.xz > dist/SHA512SUMS
# just the hash, no filename
sha512sum release.tar.xz | cut -d' ' -f1

Options

FlagWhat it does
-c, --checkVerify files against a SHA-512 list
--ignore-missingSkip listed files that are absent
--statusExit code only, no output
--quietOnly print FAILED lines
-bBinary mode (marks name with *)

In CI

Verify a downloaded release before extracting it: echo "$SHA512 release.tar.xz" | sha512sum -c - || exit 1. SHA-512 is a good choice for large multi-gigabyte artifacts on 64-bit runners since it can hash faster than SHA-256 there while remaining strong.

Common errors in CI

"release.tar.xz: FAILED" with "sha512sum: WARNING: 1 computed checksum did NOT match" means the bytes differ. "sha512sum: SHA512SUMS: no properly formatted checksum lines found" means the hash name two-space format was mangled (single space, tab, or CRLF endings from a Windows-edited file). A 128-char vs 64-char length mismatch when comparing means you crossed SHA-512 with SHA-256.

Related guides

Run this faster and cheaper on Latchkey managed runners. Start free →