is a program intended to produce message digests for files,
or it can check with the output of a former run whether the message digests
are still the same (i.e. whether the files changed). Shash uses several
Since everyone can generate the message digest, it may not be
suitable for some security related applications.
Because of this, shash also supports HMAC (rfc2104), which is
a mechanism for message authentication using cryptographic hash functions.
So shash can use a key with a hash algorithm to produce hashes that can only
be verified using the same key. This way you can securely check (i.e. you are sure
that nobody can modify the mac, without beeing detected)
if files in a filesystem were altered.
This can be very usefull if you want to make sure that no executable files
or other important files in a filesystem have been altered by a virus or by an intruder.
The manpage of shash is at shash.1
Shash is based on libmhash (see below), a library by Sascha Schumann and me.
Shash is Free Software.
Here you can download shash
You can browse the cvs repository using a web interface,
or by using the traditional(!) tools.
To access the repository enter the following commands:
$ cvs -d :pserver:firstname.lastname@example.org:/var/cvs/mcrypt login
Password: (enter password anonymous)
$ cvs -d :pserver:email@example.com:/var/cvs/mcrypt co shash
To update your checkout, change into the shash directory and execute:
$ cvs update -dP
To compile the cvs, run first the buildconf script. It needs the
programs: autoconf, automake and libtool. All these programs can be found at
the nearest GNU mirror.
The author of shash is Nikos Mavroyanopoulos.