shash is a program intended to produce message digests for files, or it can check with the output of a former run whether the message digests are still the same (i.e. whether the files changed). Shash uses several hash algorithms.
Since everyone can generate the message digest, it may not be suitable for some security related applications. Because of this, shash also supports HMAC (rfc2104), which is a mechanism for message authentication using cryptographic hash functions. So shash can use a key with a hash algorithm to produce hashes that can only be verified using the same key. This way you can securely check (i.e. you are sure that nobody can modify the mac, without beeing detected) if files in a filesystem were altered.

This can be very usefull if you want to make sure that no executable files or other important files in a filesystem have been altered by a virus or by an intruder.

The manpage of shash is at shash.1

Shash is based on libmhash (see below), a library by Sascha Schumann and me. Shash is Free Software.

Here you can download shash



You can browse the cvs repository using a web interface, or by using the traditional(!) tools.

To access the repository enter the following commands:
$ cvs -d login Password: (enter password anonymous) $ cvs -d co shash To update your checkout, change into the shash directory and execute: $ cvs update -dP

To compile the cvs, run first the buildconf script. It needs the programs: autoconf, automake and libtool. All these programs can be found at the nearest GNU mirror.

The author of shash is Nikos Mavroyanopoulos.