Fingerprint Documentation

Fingerprint is designed to index directories. With no arguments, it indexes the current directory; if a directory is specified, it indexes that directory instead:

$ fingerprint /bin/
C /bin
	fingerprint.version 1.3.0
	options.checksums MD5, SHA2.256
	options.extended false
	summary.time.start Thu Aug 18 01:17:59 +1200 2011
D ./
F ./zsh
	file.size 1103984
	key.MD5 88b8770d89a8b6e1ff0a0af26c535f87
	key.SHA2.256 9c2905022d664ac1ca67949f9475947249019809ac9f4a79992fc4c2a9cc0fc7
F ./wait4path
	file.size 34576
	key.MD5 ba084bba5a7d0ad615ab2822c1c8ab12
	key.SHA2.256 e33436d49713991ebc465530f84f46f8efad1be7cf2f359e7ddee829ebaeb7d8
F ./unlink
	file.size 44528
	key.MD5 b7921a96ce139ef9b959a671ae12e477
	key.SHA2.256 94e2afd4f5285853e41a7d4854aa9fc08de055604593bcdbe8ca9e3ce5741838
F ./test
	file.size 43120
	key.MD5 1bb9e3e23eff695ed12ea9ae8ce710a2
	key.SHA2.256 800fb9163be8504474f63faf488e2bb5d016852e93a1df49d82feb9f8e96d53a
-- Snip --
S 
	summary.directories 1
	summary.excluded 0
	summary.files 37
	summary.size 9440400
	summary.time.end Thu Aug 18 01:17:59 +1200 2011

Extended Information

Fingerprint can include extended information which can be useful for monitoring sensitive files:

$ fingerprint -x /bin/
C /bin
	fingerprint.version 1.3.0
	options.checksums MD5, SHA2.256
	options.extended true
	summary.time.start Thu Aug 18 01:21:39 +1200 2011
D ./
	posix.mode 40755
	posix.permissions.group.id 0
	posix.permissions.group.name wheel
	posix.permissions.user.id 0
	posix.permissions.user.name root
	posix.time.created Wed Jul 06 22:47:58 +1200 2011
	posix.time.modified Wed Jul 06 22:34:53 +1200 2011
F ./zsh
	file.size 1103984
	key.MD5 88b8770d89a8b6e1ff0a0af26c535f87
	key.SHA2.256 9c2905022d664ac1ca67949f9475947249019809ac9f4a79992fc4c2a9cc0fc7
	posix.mode 100755
	posix.permissions.group.id 0
	posix.permissions.group.name wheel
	posix.permissions.user.id 0
	posix.permissions.user.name root
	posix.time.created Wed Jul 06 22:34:53 +1200 2011
	posix.time.modified Wed Jul 06 22:34:53 +1200 2011
F ./wait4path
	file.size 34576
	key.MD5 ba084bba5a7d0ad615ab2822c1c8ab12
	key.SHA2.256 e33436d49713991ebc465530f84f46f8efad1be7cf2f359e7ddee829ebaeb7d8
	posix.mode 100555
	posix.permissions.group.id 0
	posix.permissions.group.name wheel
	posix.permissions.user.id 0
	posix.permissions.user.name root
	posix.time.created Wed Jul 06 22:34:48 +1200 2011
	posix.time.modified Wed Jul 06 22:34:48 +1200 2011
F ./unlink
	file.size 44528
	key.MD5 b7921a96ce139ef9b959a671ae12e477
	key.SHA2.256 94e2afd4f5285853e41a7d4854aa9fc08de055604593bcdbe8ca9e3ce5741838
	posix.mode 100555
	posix.permissions.group.id 0
	posix.permissions.group.name wheel
	posix.permissions.user.id 0
	posix.permissions.user.name root
	posix.time.created Wed Jul 06 22:34:48 +1200 2011
	posix.time.modified Wed Jul 06 22:34:48 +1200 2011
F ./test
	file.size 43120
	key.MD5 1bb9e3e23eff695ed12ea9ae8ce710a2
	key.SHA2.256 800fb9163be8504474f63faf488e2bb5d016852e93a1df49d82feb9f8e96d53a
	posix.mode 100555
	posix.permissions.group.id 0
	posix.permissions.group.name wheel
	posix.permissions.user.id 0
	posix.permissions.user.name root
	posix.time.created Wed Jul 06 22:34:50 +1200 2011
	posix.time.modified Wed Jul 06 22:34:50 +1200 2011
-- Snip --
S 
	summary.directories 1
	summary.excluded 0
	summary.files 37
	summary.size 9440400
	summary.time.end Thu Aug 18 01:21:40 +1200 2011

Specifying Checksums

Fingerprint can use specific checksum algorithms, including MD5, SHA1 and SHA2:

$ fingerprint -s MD5,SHA1,SHA2.256,SHA2.512 /bin/
C /bin
	fingerprint.version 1.3.0
	options.checksums MD5, SHA1, SHA2.256, SHA2.512
	options.extended false
	summary.time.start Thu Aug 18 01:39:03 +1200 2011
D ./
F ./zsh
	file.size 1103984
	key.MD5 88b8770d89a8b6e1ff0a0af26c535f87
	key.SHA1 83082064deb13c7a85c68a47dd2726bebf88595c
	key.SHA2.256 9c2905022d664ac1ca67949f9475947249019809ac9f4a79992fc4c2a9cc0fc7
	key.SHA2.512 bdb917c92e121b75a032403329b8bf0b06374b6bfad77d30e23b9d937482d483e6c38d63f95ab083ca778837aca300f3ac178cd7074d4b16f999db9b6cfbfa2d
F ./wait4path
	file.size 34576
	key.MD5 ba084bba5a7d0ad615ab2822c1c8ab12
	key.SHA1 a28fd8bf13a4e67c7ac5c14cbc69b11caa51ba34
	key.SHA2.256 e33436d49713991ebc465530f84f46f8efad1be7cf2f359e7ddee829ebaeb7d8
	key.SHA2.512 b4a396c66c5b02a96a0a5b4f9215b9fd74d68fc3ed6e55a398609559e20a07fd6abbbf97b7cf475f0e92420afdcb779865cd8911b5a2ec20f38999146493d777
F ./unlink
	file.size 44528
	key.MD5 b7921a96ce139ef9b959a671ae12e477
	key.SHA1 028dc401dd145c183091e78ec1c5664d9a2fc8ee
	key.SHA2.256 94e2afd4f5285853e41a7d4854aa9fc08de055604593bcdbe8ca9e3ce5741838
	key.SHA2.512 38f0ae069ebb987ec407313dc252e1b2bc927bb434c01e7f4293c9d35e8fba456d5b92e133b043aad310a4caddb604fd2882acdb88fe21f3094427b93b6bf7a8
F ./test
	file.size 43120
	key.MD5 1bb9e3e23eff695ed12ea9ae8ce710a2
	key.SHA1 c63d647b1cfb36be9862d7584128720ea9834980
	key.SHA2.256 800fb9163be8504474f63faf488e2bb5d016852e93a1df49d82feb9f8e96d53a
	key.SHA2.512 4a120764f784f7e3c3d8ed80eeaf0ca4dc6a9256b5c67a05c2648fff36433dde5f077cea97d4a4abf03971b8121b517f2ddc4a305c9441c7dfd8d0b719723f50
-- Snip --
S 
	summary.directories 1
	summary.excluded 0
	summary.files 37
	summary.size 9440400
	summary.time.end Thu Aug 18 01:39:04 +1200 2011

Stronger checksums give increased security at the cost of processing power. In order from weak to strong: MD5, SHA1, SHA2.256, SHA2.512. Using multiple checksums can assist when migrating from a weaker checksum to a stronger one, because old fingerprints that only contain the weaker checksum can still be verified.
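
As an added example (not part of Fingerprint's own code), the following Python code parses the index format shown above and compares two indexes: file content is checked with the strongest checksum that both records carry, and for extended (-x) indexes, changes to mode and ownership are reported. The function names and the sample indexes are constructed for illustration.

```python
STRENGTH = ["MD5", "SHA1", "SHA2.256", "SHA2.512"]  # weak -> strong, per the page
WATCHED = ["posix.mode", "posix.permissions.user.id", "posix.permissions.group.id"]

def parse_index(text):
    """Return {path: {key: value}} for the F (file) records of an index."""
    files, current = {}, None
    for line in text.splitlines():
        if line.startswith("\t"):              # metadata of the preceding record
            if current is not None:
                key, _, value = line.strip().partition(" ")
                current[key] = value
        elif line.startswith("F "):            # file record; path may contain spaces
            current = files.setdefault(line[2:], {})
        else:                                  # C, D, S records and "-- Snip --"
            current = None
    return files

def compare(old, new):
    """Return (path, reason) findings between two parsed indexes, sorted by path."""
    findings = []
    for path in sorted(old.keys() | new.keys()):
        a, b = old.get(path), new.get(path)
        if a is None or b is None:
            findings.append((path, "added" if a is None else "removed"))
            continue
        # Strongest checksum in both records, so a weaker old index still verifies.
        shared = [s for s in STRENGTH if f"key.{s}" in a and f"key.{s}" in b]
        if not shared:
            findings.append((path, "no common checksum"))
        elif a[f"key.{shared[-1]}"] != b[f"key.{shared[-1]}"]:
            findings.append((path, f"content changed ({shared[-1]})"))
        for key in WATCHED:                    # only present in -x indexes
            if key in a and key in b and a[key] != b[key]:
                findings.append((path, f"{key} {a[key]} -> {b[key]}"))
    return findings

# Constructed sample indexes (shortened, made-up digests), not real tool output.
OLD = "\n".join(["C /bin", "\toptions.checksums MD5", "D ./",
    "F ./zsh", "\tkey.MD5 aa01", "\tposix.mode 100755",
    "F ./test", "\tkey.MD5 bb02", "\tposix.mode 100555",
    "F ./unlink", "\tkey.MD5 cc03", "S ", "\tsummary.files 3"])
NEW = "\n".join(["C /bin", "\toptions.checksums MD5, SHA2.256", "D ./",
    "F ./zsh", "\tkey.MD5 aa01", "\tkey.SHA2.256 dd04", "\tposix.mode 100755",
    "F ./test", "\tkey.MD5 bb02", "\tkey.SHA2.256 ee05", "\tposix.mode 104555",
    "F ./unlink", "\tkey.MD5 ff06", "F ./extra", "\tkey.SHA2.256 ef09"])

if __name__ == "__main__":
    for path, reason in compare(parse_index(OLD), parse_index(NEW)):
        print(path, reason)
```

In the sample, ./test keeps its content but gains the setuid bit (100555 to 104555), which only an extended index can reveal.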

Progress

When fingerprinting large amounts of data, it can be reassuring to watch the progress of the command:

$ fingerprint --progress /bin/
C /bin
	fingerprint.version 1.3.0
	options.checksums MD5, SHA2.256
	options.extended false
	summary.time.start Thu Aug 18 01:44:17 +1200 2011
D ./
# Progress: File 0 / 37 = 0.00%; Byte 0 / 9440400 = 0.00%
F ./zsh
	file.size 1103984
	key.MD5 88b8770d89a8b6e1ff0a0af26c535f87
	key.SHA2.256 9c2905022d664ac1ca67949f9475947249019809ac9f4a79992fc4c2a9cc0fc7
# Progress: File 1 / 37 = 2.70%; Byte 1103984 / 9440400 = 11.69%
F ./wait4path
	file.size 34576
	key.MD5 ba084bba5a7d0ad615ab2822c1c8ab12
	key.SHA2.256 e33436d49713991ebc465530f84f46f8efad1be7cf2f359e7ddee829ebaeb7d8
# Progress: File 2 / 37 = 5.41%; Byte 1138560 / 9440400 = 12.06%
F ./unlink
	file.size 44528
	key.MD5 b7921a96ce139ef9b959a671ae12e477
	key.SHA2.256 94e2afd4f5285853e41a7d4854aa9fc08de055604593bcdbe8ca9e3ce5741838
# Progress: File 3 / 37 = 8.11%; Byte 1183088 / 9440400 = 12.53%
F ./test
	file.size 43120
	key.MD5 1bb9e3e23eff695ed12ea9ae8ce710a2
	key.SHA2.256 800fb9163be8504474f63faf488e2bb5d016852e93a1df49d82feb9f8e96d53a
# Progress: File 4 / 37 = 10.81%; Byte 1226208 / 9440400 = 12.99%
-- Snip --
F ./[
	file.size 43120
	key.MD5 1bb9e3e23eff695ed12ea9ae8ce710a2
	key.SHA2.256 800fb9163be8504474f63faf488e2bb5d016852e93a1df49d82feb9f8e96d53a
# Progress: File 37 / 37 = 100.00%; Byte 9440400 / 9440400 = 100.00%
S 
	summary.directories 1
	summary.excluded 0
	summary.files 37
	summary.size 9440400
	summary.time.end Thu Aug 18 01:44:18 +1200 2011

Progress information is printed to $stderr; these are the lines beginning with "# Progress:" above.