[Courses][Linux comands] tty, uname, /etc/issue, id, lsof, cksum, md5sum, id

Thu Mar 18 22:33:38 EST 2004

On Thursday 18 March 2004 18:12, Carla Schroder wrote:

Thanks for the command stuff!  A couple of pseudo-random comments:
> md5sum is better if you need to verify a remote file, because it is
> hashed and encrypted. To calculate the md5sum of a file:

Well... it uses a "cryptographic hash".  This doesn't make it any better
 for checking remote files, though... it's not as if the output of it is
 encrypted, or anything like that.

What it *is* better for is if you think someone might deliberately mess
 with a file, instead of just being worried about transmission errors. 
 "cksum" uses CRC -- cyclic redundancy check.  CRC was designed for
 "spotting" transmission errors in file uploads and the like -- many modem
 file transfer protocols use it in the background to ensure that the upload
 is working OK.  It was not designed to stand up to deliberate alteration
 -- someone can alter a file, then alter another part of it, and have the
 CRC checksum come out the same.  Thus, if you think that someone might
 have planted a trojan or a virus in a program, CRC isn't the check you
 should use.

"md5sum" uses MD5, which was designed to detect message tampering.  One of
its uses is as a checksum for encrypted files, to ensure that no one's
messed with them along the way -- this is the "cryptographic hash" part.
You'd send the MD5 checksum by a different path, ideally, and the person
receiving the message could then use it to make sure that it hadn't been
altered.

MD5 is harder to compute than CRC -- not a big deal on most computers these
days, unless you're checking *lots* of files, but that's part of why MD5
isn't used in things like the TCP protocol... less overhead.  But if you're
worried that a file might have been deliberately altered (e.g., you got
a .tar.gz of some program from an untrusted source, and want to make sure
it's the same as the legitimate distribution), md5sum is the tool of
choice.

Of course, maybe that's what you meant by "remote files"... but I think it
could be misunderstood by newbies.

> What is my guid, uid, and what groups do I belong to?
>
> $ id
> uid=1000(carla) gid=1000(carla)
> groups=1000(carla),20(dialout),24(cdrom),25
> (floppy),29(audio),30(dip),44(video),105(windows),432(usb),1001
> (cdrecording),1008(share)

Or "groups" if you just want to see what groups you're in:

casey at lostthoughts:~$ groups
casey cdrom floppy audio ehcasey rhianna

--

       |\      _,,,---,,_     Travis S. Casey  <efindel at earthlink.net>

 ZZzz  /,`.-'`'    -.  ;-;;,_   No one agrees with me.  Not even me.

      |,4-  ) )-,_..;\ (  `'-'

     '---''(_/--'  `-'\_)