How to checksum a CD/DVD? (to verify integrity of my Debian installation)

debian hashsum dvd checksum verification

5,351

Install the package genisoimage like this:

apt-get install genisoimage

It will install a program isoinfo which will report the number of sectors in the disk (assuming the CD device is sr0):

$ isoinfo dev=/dev/sr0 -d
CD-ROM is in ISO 9660 format
System id: C@-RTKS C@-BRIDCE
Volume id: antartica
Volume set id:
Publisher id:
Data preparer id:
Application id: CAUAF File System - Adaptec
Copyright File id:
Abstract File id:
Bibliographic File id:
Volume set size is: 1
Volume set sequence number is: 1
Logical block size is: 2048
Volume size is: 297247
NO Joliet present
NO Rock Ridge present

And, if that command is succesful, you will get some details about the disk.
Read the "Logical block size" (usually 2048) and the "Volume size" And execute the commands below:

$ a=2048                # Block size read above.
$ b=297247              # Volume size. Near 300.000 for a 600Mega disk
$ dd if=/dev/sr0 bs="$a" count="$b" | md5sum

That will give you the MD5 hash. If you need a sha512 hash, use:

$ dd if=/dev/sr0 bs="$a" count="$b" | sha512sum

Reading a whole disk will take some time, be patient.

5,351

mYnDstrEAm

I care about making FOSS, cybersecurity and useful/important knowledge accessible. I learn, collaborate and develop with open source.

Updated on September 18, 2022

Comments

mYnDstrEAm almost 2 years
So I'd like to checksum my Debian 9.0 installation DVD to be able to compare it to the respective .iso file's hashes and the published hashes to be able to verify my installation's integrity.

I burned the Debian installation .iso to DVD under Ubuntu. There it had a problem verifying the DVD's checksum as it didn't proceed anymore at around 50% with the time remaining only rising and rising. However this may due to the fact that I accidentally executed sha512 ^{(it had an error and didn't seem to have modified the .iso)} instead of sha512sum on the .iso file during burning or checksumming. (The sha512 hash of the .iso was correct.)

I'd like to use sha512 and it seems I need the blocksize in bytes of my DVD first.

These 2 questions help but do not solve this issue for me:
- Calculate md5sum of a CD/DVD
- How to verify a CD against an ISO image?
Edit: Related question / finding of mine
- frostschutz about 7 years
  
  if you still have the iso: unix.stackexchange.com/a/146221/30851
- frostschutz about 7 years
  
  and if not, this: unix.stackexchange.com/a/3795/30851 (you need to know the size in bytes, as the DVD might include padding which changes the hash sums)
- mYnDstrEAm about 7 years
  
  @frostschutz Thank you. I'd like to compare the hashes myself so I'd really like to get a hash of the CD/DVD. The latter answer does not include a way to get the size in bytes.
- frostschutz about 7 years
  
  ls -l file.iso shows the size in bytes, otherwise it should be mentioned on one of the download locations or shown by wget as you start downloading it.
- mYnDstrEAm about 7 years
  
  @frostschutz When I run dd if=/media/cdrom0 bs=1 count=3804708864 | md5sum I get dd: error reading '/media/cdrom0': Is a directory 0+0 records in 0+0 records out d41d8cd98f00b204e9800998ecf8427e. I used debian-9.0.0-amd64-DVD-1.iso.
- frostschutz about 7 years
  
  why /media/cdrom, it's /dev/...
- done about 7 years
  
  Install K3b, it will show an md5 of the disk when it starts *or when asked to).
mYnDstrEAm about 7 years

Great; there's just 2 things I have an issue with: why are people saying it's /dev/ and not /media/? I couldn't find anything under /dev/ or open /dev/sr0 while I could open /media/cdrom0 (that's also selected by default). The second issue is that my CD drive doesn't detect the DVD most of the time - sometimes it worked at first try without a problem but it hasn't worked since quite a number of restarts and tries per each now. My drive is probably getting old but do you maybe know any ways to check for CD drive issues or to manually scan for CDs in it (e.g. with a longer scan time)?
done about 7 years

Because /dev/sro is (usually) the block device and /media/cdrom (when it exist) is the filesystem where you "see" the files contained in the physical disk. Both are related but never the same. In /dev the name of the cdrom device may be /dev/cdrom, /dev/cdrw, /dev/dvd, or/and/dev/dvdrw. If none of those exist in your system it may be because someone erased them. They could be re-created if needed.
done about 7 years

If the device doesn't read the disk, maybe the disk was written to a low quality/too old re-grabable media, that usually happens. No I don't have the expertise to scan and analize what could be wrong with the hardware of your dvd reader. The scan provided in my answer does a full scan of the contents of the laser disk. Scanning of the device itself deserve some other question.
done about 7 years

@mYnDstrEAm Have you tried K3b ?
mYnDstrEAm about 7 years

When I run isoinfo dev=/dev/sr0 -d (as root) I get Error trying to open /dev/sr0 exclusively (Device or resource busy)... giving up. WARNING: /dev/sr0 seems to be mounted! isoinfo: Device or resource busy. Cannot open '/dev/sr0'. Cannot open SCSI driver. Where can I find the MD5 in K3b? I only see info on the sector length (1857775 1857776 (412:50:26)). Also for my CD drive: it may have gotten too hot - I restarted this morning and it worked at first try again.
done about 7 years

Then, as root, execute: umount /dev/sr0 (or, maybe, umount /media/cdrom and try again. About K3b: start the program and, while the program is running, insert the disk. It should detect the new disk and calculate the md5 sum automatically.
0x777C almost 3 years

It's probably better to use cksum for speed assuming you're only worried about accidental defects (which if you're using md5 has to be the case because md5 isn't secure anymore)