Westhost do not include SHA1SUM as part of their standard installation, so we cannot check the applications that we download have not been tampered with.

We therefore need to build our own copy of SHA1SUM. The source code for a cut down version can be obtained from gnupg.org

From the command line of your server

  • Type ftp ftp.gnupg.ogr to start a FTP session
  • Use username “anonymous” and password “anon@
  • Change to the required directory by issuing the command cd gnupg/binary
  • Download the source files using the commands get sha1sum.c and get sha1sum.c.sig
  • Close the FTP session using the command quit
  • If you installed GnuPG, verify the source file gpg --verify sha1sum.c.sig
  • Install the GCC Compiler Collection from your Site Manager if you have not already done so
  • Build the SHA1SUM executable by issuing the command cc -Wall -g -o sha1sum sha1sum.c
  • The SHA1SUM executable will now exist in the current directory. Move it to /usr/local/bin so that you can use it in the future. mv sha1sum /usr/local/bin

NOTE This version of SHA1SUM only calculates the SHA1 sum for the file specified; you have to visually check the sum against the supplied value for your download.

Bookmark this article