Prerequisites:

• A Linux server
• SSH access

What is a Checksum?

A checksum is a mathematical algorithm used to generate an alphanumeric value for a file. This process is facilitated by specialized tools that employ cryptographic hash functions to create a hash value. Checksums are crucial in verifying the integrity and security of ZIP archives or binary files and in various file types like text or document files. A matching checksum confirms that a file maintains its digital integrity and security and is an exact replica of the original file.

Consequently, if the checksum of a downloaded file does not align with the original value, two primary reasons may account for it:

• The file might have been tampered with by unauthorized parties.
• The file may not have been downloaded correctly, potentially resulting in the corruption of some file elements.

The two primary checksum algorithms commonly used are MD5 and SHA. When verifying checksums, it is essential to use the same algorithm that generated them. For instance, a file’s MD5 checksum will differ significantly from its SHA-256 checksum.

Method 1 – Verify checksum using md5sum

Begin by logging into your server via SSH:

ssh root@IP_Address -p Port_number

Substitute ‘IP_Address’ and ‘Port_number’ with your server’s IP address and SSH port number. If necessary, replace ‘root’ with your account’s username.

You can generate the MD5 checksum to compare it with the original location of the file you downloaded or copied using the following command:

md5sum file_name

Substitute “file_name” with the name of your file.

Here’s how the output should appear:

# md5sum file_name
b74a5725c6bb94d2d0e527e1996dc9f5 file_name

Please be aware that the MD5 checksum value will differ because the file used in this tutorial is distinct from the one you are examining.

Additionally, you can utilize the following command to save the list of files alongside their MD5 checksums in a text file for future comparison:

md5sum file_name > md5sumlist.txt

To verify the MD5 checksum from the generated list, use the following command:

md5sum -c md5sumlist.txt

For every matching checksum, the display shows “OK,” while a mismatched checksum indicates “FAILED.” Here’s how the output should look:

# cat md5sumlist.txt
b74a5725c6bb94d2d0e527e1996dc9f5 file_name
# md5sum -c md5sumlist.txt
file_name: OK

# cat md5sumchangedlist.txt
a74a5725c6bb94d2d0e527e1996dc9f5 file_name
# md5sum -c md5sumchangedlist.txt
file_name: FAILED

Method 2 – Verify checksum using sha256sum

To start, log in to your server using SSH:

ssh root@IP_Address -p Port_number

Replace ‘IP_Address’ and ‘Port_number’ with your server’s IP address and SSH port number. If needed, replace ‘root’ with your account username.

You can generate the SHA-256 checksum to compare it with the original location of the file you downloaded or copied using the following command:

sha256sum file_name

Replace file_name with your file name.

Here’s how the output should look:

# sha256sum file_name
8f005696fff811934bf7e80be08c7c8b70899991f607294f68abb25ab65a14f9 file_name

Please note that the SHA-256 checksum value will differ because the file used in this tutorial differs from the one you’re examining.

You can also use the following command to store the list of files along with their SHA-256 checksums in a text file for future comparison:

# sha256sum file_name > sha256sumlist.txt

To verify the SHA-256 checksum from the list you have generated, use the following command:

# sha256sum -c sha256sumlist.txt

For every matching checksum, the display shows “OK,” while a mismatched checksum indicates “FAILED.” Here’s how the output should look:

# cat sha256sumlist.txt
8f005696fff811934bf7e80be08c7c8b70899991f607294f68abb25ab65a14f9 file_name
# sha256sum -c sha256sumlist.txt
file_name: OK

# cat sha256sum_changed_list.txt
3f005696fff811934bf7e80be08c7c8b70899991f607294f68abb25ab65a14f9 file_name
# sha256sum -c sha256sum_changed_list.txt
file_name: FAILED
sha256sum: WARNING: 1 computed checksum did NOT match

Method 3 – Verify checksum using sha512sum

Begin by logging into your server via SSH:

ssh root@IP_Address -p Port_number

Substitute ‘IP_Address’ and ‘Port_number’ with your server’s actual IP address and SSH port number. If necessary, replace ‘root’ with your account’s username.

You can generate the SHA-512 checksum to compare with the original location of the file you downloaded or copied using the following command:

# sha512sum file_name

Substitute “file_name” with the name of your file.

Here’s the expected output:

# sha512sum file_name
b1347fc187453bdbd70ae1f4ca8214856ee24e994ffc65544c1c9ba84d4486177029f123070d939504f56e27e1fd6c9b3f2eec4f0174fd3a35fec570fa8192f0 file_name

Please be aware that the SHA-512 checksum value will differ because the file used in this tutorial is distinct from the one you are currently examining.

Additionally, you can utilize the following command to save the list of files alongside their SHA-512 checksums in a text file for subsequent comparisons:

# sha512sum file_name > sha512sumlist.txt

To verify the SHA-512 checksum from the generated list, use the following command:

# sha512sum -c sha512sumlist.txt

For every matching checksum, the display shows “OK,” while a mismatched checksum indicates “FAILED.” Here’s how the output should look:

# cat sha512sumlist.txt
b1347fc187453bdbd70ae1f4ca8214856ee24e994ffc65544c1c9ba84d4486177029f123070d939504f56e27e1fd6c9b3f2eec4f0174fd3a35fec570fa8192f0 file_name
# sha512sum -c sha512sumlist.txt
file_name: OK

# cat sha512changedlist.txt
31347fc187453bdbd70ae1f4ca8214856ee24e994ffc65544c1c9ba84d4486177029f123070d939504f56e27e1fd6c9b3f2eec4f0174fd3a35fec570fa8192f0 file_name
# sha512sum -c sha512changedlist.txt
file_name: FAILED
sha512sum: WARNING: 1 computed checksum did NOT match

Conclusion

After trying these solutions, you shouldn’t have issues verifying checksums on Linux. If you still have trouble, however, contact our managed server support team, and we’ll make sure your files can be verified or, at the very least, tell you exactly why it’s impossible.

PS. If you found this post on verifying checksum helpful, please consider sharing it with your friends on social networks or leaving a comment in the comments section. Thank you.

The post How to Verify Checksum of a File on Linux appeared first on LinuxHostSupport.

OpenVPN is an open-source network protocol to facilitate a secure connection between two points in a network. In this tutorial, we will show you how to install OpenVPN on the Debian 11 server.

Prerequisites

• A Debian 11 VPS
• SSH root access or a user with sudo privileges

Step 1. Log in to your server via SSH

First, you will need to log in to your Debian 11 server via SSH as the root user:

ssh root@IP_Address -p Port_number

You will need to replace ‘IP_Address’ and ‘Port_number’ with your server’s respective IP address and SSH port number. Additionally, replace ‘root’ with the username of the system user with sudo privileges.

You can check whether you have the proper Debian 11 installed on your server with the following command:

# lsb_release -a

The command will show you an output like this.

No LSB modules are available.
Distributor ID: Debian
Description: Debian GNU/Linux 11 (bullseye)
Release: 11
Codename: bullseye

Then, run the following command to make sure that all installed packages on the server are updated to their latest available versions:

# apt update

Step 2. Install OpenVPN Server

OpenVPN server packages are available in the default Debian 11 repository. But, in this article, we will use a shell script we can download from github.com to install the OpenVPN server. The installation is fairly easy and straightforward. Let’s download the script and proceed with the OpenVPN Server installation.

# wget https://git.io/vpn -O openvpn-install.sh

The installation script has been downloaded and saved as openvpn-install.sh; let’s execute the file and proceed with the installation.

# bash openvpn-install.sh

After the executable is executed, you will be prompted for a few options. Select UDP as the protocol, port 1194, and choose your favorite DNS resolver and the VPN client name.

Welcome to this OpenVPN road warrior installer!

Which protocol should OpenVPN use?
1) UDP (recommended)
2) TCP
Protocol [1]: 1

What port should OpenVPN listen to?
Port [1194]:

Select a DNS server for the clients:
1) Current system resolvers
2) Google
3) 1.1.1.1
4) OpenDNS
5) Quad9
6) AdGuard
DNS server [1]: 3

Enter a name for the first client:
Name [client]: vpnclient

OpenVPN installation is ready to begin.
Press any key to continue…

At this point, we can press any keyboard key to start the installation. It will finish in a few seconds, depending on your network speed.

Once installed, the OpenVPN service will be automatically up and running. You will see a message about where the .ovpn file you can download.

Step 3. Connecto to OpenVPN Server

A VPN client is required to connect to our OpenVPN server. If you are using a Windows machine, you can use OpenVPN Client or Tunnelblick if you are using a MacOS device. For Linux desktops users, you can use the openvpn client file to import the network configuration file and then connect to your VPN server.

In this tutorial, we created ‘vpnclient’ as a VPN user, and the installation script generated the configuration file at /root/vpnclient.ovpn. We can download this file to connect to our OpenVPN server.

The client configuration is available in: /root/vpnclient.ovpn
New clients can be added by running this script again.

Download the file or print the file using the cat command, then create a .ovpn using the file’s content. Then, simply double-click on it to start using the VPN client.

Step 4. Create Additional OpenVPN Users

To create new VPN users, simply execute the installation script, and the script will ask you one of the options.

OpenVPN is already installed.

Select an option:
1) Add a new client
2) Revoke an existing client
3) Remove OpenVPN
4) Exit
Option:

Choose number 1, then ENTER. You will be asked for a client name. And it will show you an output like this.

* Using Easy-RSA configuration:
  /etc/openvpn/server/easy-rsa/pki/vars

* Using SSL: openssl OpenSSL 1.1.1n  15 Mar 2022

Generating a RSA private key
............................+++++
............+++++
writing new private key to '/etc/openvpn/server/easy-rsa/pki/5e4b9ee0/temp.1.1'
-----

Notice
------
Keypair and certificate request completed. Your files are:
* req: /etc/openvpn/server/easy-rsa/pki/reqs/rosehosting.req
* key: /etc/openvpn/server/easy-rsa/pki/private/rosehosting.key 

Using configuration from /etc/openvpn/server/easy-rsa/pki/5e4b9ee0/temp.4.1
Check that the request matches the signature
Signature ok
The Subject's Distinguished Name is as follows
commonName            :ASN.1 12:'rosehosting'
Certificate is to be certified until Jun 16 07:27:20 2033 GMT (3650 days)

Write out database with 1 new entries
Data Base Updated

Notice
------
Certificate created at:
* /etc/openvpn/server/easy-rsa/pki/issued/rosehosting.crt

Notice
------
Inline file created:
* /etc/openvpn/server/easy-rsa/pki/inline/rosehosting.inline


rosehosting added. Configuration available in: /root/rosehosting.ovpn

That’s it! You have successfully installed the OpenVPN server the easy way. You can now add more users and use the VPN network for your activity.

Check out a more complicated installation without a script.

Of course, you don’t have to install OpenVPN server on Debian 11 if you use one of our Debian Hosting services, in which case you can simply ask our admins, sit back, and relax. Our admins will install and set up OpenVPN on Debian 11 immediately without any additional fee, along with many useful optimizations we can do for you. Managing an OpenVPN server is not just about the installation; we can help you optimize your OpenVPN installation if you have a VPS with us.

PS. If you liked this post on how to set up an OpenVPN Server on Debian 11, please share it with your friends on social networks or simply leave a reply below. Thanks.

The post How to Set Up an OpenVPN Server on Debian 11 appeared first on LinuxHostSupport.