Checking the checksum

Once downloaded (which may take a while, since even minimal is large), you will be faced with an ISO image.

On my Ubuntu installation, I can see it in my Downloads folder:

$ ls ~/Downloads/
CentOS-7-x86_64-Minimal-1804.iso

One way to confirm our installation media and ensure that we've downloaded exactly what we expect, is to compare the Sha256 sum of the downloaded file with a known-good value. This both proves that it's the download we expect it to be, and also checks that no corruption has occurred during the file download.

CentOS provides a release notes page that we can visit to find the Sha256 sum we're comparing: https://wiki.centos.org/Manuals/ReleaseNotes.

Click through to Release Notes for CentOS 7, which should bring you to the most recent version of the release notes.

On this page, we can scroll down to Verifying Downloaded Installation Images, which will list the current Sha256 sums for the download images.

In my case, I can see that the Sha256 value for the file I just downloaded is as follows:

714acc0aefb32b7d51b515e25546835e55a90da9fb00417fbee2d03a62801efd  CentOS-7-x86_64-Minimal-1804.iso

With this in hand, I can go back to where I listed out the file in my Terminal, and run a basic command to check the Sha256 value of the downloaded image:

$ sha256sum CentOS-7-x86_64-Minimal-1804.iso 
714acc0aefb32b7d51b515e25546835e55a90da9fb00417fbee2d03a62801efd  CentOS-7-x86_64-Minimal-1804.iso

Comparing the value from the CentOS website with the value from my downloaded image confirms that they are the same.

The media is what we expected!