So What Exactly Is an MD5 Signature?

Update: Added instructions for Mac OS users.

No, it is not an ultra-secret wing within Britain's MI6, but it definitely has to do with making the Internet safer. Quite simply, it is a method by which a "key," in the form of a 32-digit hexadecimal number, can be generated for any given file.

When you need to download a large file, such as some of the donations offered on the TechSoup Stock, you want to make sure that the downloaded file is exactly as it was offered and was not compromised in any way during transport. This check also deters hackers from attempting to plant or spread malicious code.

In our free download of the week, we highlighted a tool to verify the MD5 "digest" for downloaded files. The way to use it in a typical Windows environment is:

  1. Download the md5 program from here.
  2. Extract the zip archive in your usual downloads folder.
  3. When you download a file, copy the MD5 digest or signature into Word or Notepad. This should be on the last Web page from which you downloaded the file.
  4. Once the download is complete, open a terminal window by pressing the Start button and selecting "Run." In the dialog box, type in "cmd" and a new window will open.
  5. You will see a cursor prefixed by your current folder location. Change to the directory where your downloads are. If it is your Desktop, type in "cd\Documents and Settings\[your username]\Desktop"
  6. Once you are in that folder, type in "md5 [downloaded filename]" for it to generate the MD5 digest. (Hint: You can type "md5" then the first few letters of the filename, then press "TAB" and it will autocomplete the filename if there is only one file with those letters, or scroll through the files as you press "TAB".)
  7. Once the MD5 signature is generated, compare that to the one you copied from the Web site. It should be identical.

If you are using Mac OS X, you would follow a similar procedure. Open the "Terminal" program under "Utilities", and type in:

openssl md5 [filename]

You can drag and drop the file into the Terminal window, and the filename will be filled in.

Why go through these steps? Once again, you can ensure that files you download from around the Web are brought to your computer as a complete and intact file. Learn more about MD5 here.

TechSoup Blog