Help on checking a downloads integrity using sha256



  • I am new to pfsense.

    I tried to download and verify the download of the current live cd iso on windows 7.
    I used the firefox browser to download the file and a microsoft tool for this named fciv.exe to validate the files sha256 hash.

    I have used this tool to verify programs I have downloaded and it has worked, but not with pfsense. The hash generated always came up as not matching the one downloaded from pfsense with the sha256 file extension.

    I also have tried to read the forum, and there were some comments on the browser extracting the gzip and altering the download.

    I downloaded the gnu wget utility that allows you to get web files without using a browser, yet I still got a non matching sha256 hash.

    I then went and downloaded a different utility for sha256 from sourceforge.net and that program is named quick hash gui. It is nice because it is a windows exe and does not need to be installed. This program generated a sha256 value that matched the value on the pfsense website.

    I wanted a 2nd confirmation because I had 2 tools that disagreed on the sha256 hash. I have a second computer that runs Ubuntu. I took the same file and used the linux command line tool sha256sum and this generated the same value as the quick hash gui program. I now new I had a valid iso file to use.

    I hope this will help others that are having this issue.

    Maybe someone who reads this will be able to comment on why the microsoft program does not work in this instance, but works well in other cases.

    Thanks to all that are working on pfsense.


Log in to reply