To verify downloaded packages, we do hash checks. And Hashbrown is a simple graphical tool to generate or verify file hash in Linux Desktop.
Software developers often provide cryptographic hashes along with downloads, for users to ensure the file or program matches the source. Usually, they are MD5, SHA-1, and SHA-256 hashes.
Ubuntu comes with
sha256sum and a few other tools to do hash check from command line. For beginners or those hate Linux commands, then “Hashbrown” may help by providing a modern GTK user interface:
By opening a file via the tool, it generates the MD5, SHA-1, and SHA-256 hashes with buttons to copy to clipboard, though it takes quite a few seconds in my case to handle large file.
And it allows to compare / verify download using either a file or the hash code in different tabs.
How to Install Hashbrown in Ubuntu Linux:
The software is available to install as universal Flatpak package.
1. Install Flatpak daemon
Open terminal by either searching from activities overview or pressing Ctrl+Alt+T on keyboard. When it opens, run command to install the daemon:
sudo apt install flatpak
For Ubuntu 18.04 and Ubuntu 16.04, you may need to add this PPA first.
2. Add flathub repository:
Next add the flathub repository that hosts the software packages, by running command:
3. Install Hashbrown as Flatpak:
Finally run command in terminal to install the app via Flatpak:
flatpak install flathub dev.geopjr.Hashbrown
Like normal apps, open it by searching from activities overview after installation.
To remove the software package, use command in terminal:
flatpak uninstall --delete-data dev.geopjr.Hashbrown
You may also run flatpak uninstall –unused to remove unused runtime libraries.
good app for those who have no familiarity with the terminal.
I wonder how much disk space this simple flatpak requires, though.
Quite a bit… about 799 MB actually downloaded to install !
They are run-time libraries, shared with all Flatpak apps that required them, though they do take too much space. It’s design issue since Flatpak runs in sandbox.
I found installing a VM hard enough now we have to deal with validation.
I realize the importance but wonder if those not familiar with Linux and on a scale of 0-10 are about 8 should be doing this. I was just starting with a VM and running Defender and MBAM on the downloads instead of verification. I guess someone could just tamper and not necessarily infect the downloads with malware which could pen later or after the 2 scans.
Any thoughts for me.
Thank you for your kind cooperation.