ops@toolbox:~$ hashgenerator --run

Hash Generator

MD5, SHA-1, SHA-256, SHA-384 and SHA-512 checksums of any text, computed locally.

MD5
SHA-1
SHA-256
SHA-384
SHA-512

MD5 and SHA-1 are shown for legacy checksum verification only, do not use them for anything security-sensitive.

What this tool does

Paste any text and get its MD5, SHA-1, SHA-256, SHA-384 and SHA-512 digests instantly. The SHA family is computed with the browser's native crypto.subtle.digest() (the same audited implementation your browser uses for TLS) and MD5 uses a compact JavaScript implementation, since browsers deliberately do not expose MD5 anymore. Your input never leaves the page.

When sysadmins actually need this

The most common case is verifying a download: a vendor publishes sha256sum values next to an ISO or tarball, and you want to confirm the file you got matches. (For files, use sha256sum file.iso on the box itself; this tool is for text, config blobs, tokens, strings in log lines.) Other everyday uses: comparing whether two configuration snippets are byte-identical, generating cache keys, deduplicating log entries, or checking what a hash in a database column corresponds to.

Which algorithm should you use?

SHA-256 is the sensible default in 2026, fast, universally supported, no known practical attacks. SHA-512 is marginally faster on 64-bit CPUs and gives a wider digest; some Linux distributions use it for /etc/shadow ($6$ entries). MD5 and SHA-1 are cryptographically broken (collisions can be manufactured) so they are only acceptable for accidental-corruption checks against legacy published checksums.

A note on password hashing

None of these algorithms should be used directly for storing passwords, no matter how many rounds you apply by hand. Password storage needs a deliberately slow, salted KDF: argon2id, bcrypt, or scrypt. A GPU can attempt billions of raw SHA-256 hashes per second; it manages only thousands of bcrypt attempts. If you find plain MD5 or SHA-1 password hashes in a system you inherit, treat migrating them as a priority, not a nice-to-have.

Related tools

Password Generator
Cryptographically secure passwords and passphrases, generated locally in your browser.
JWT Decoder
Decode JSON Web Tokens locally: header, payload, expiry check and human-readable claims.
htpasswd Generator
Generate bcrypt htpasswd entries for Apache and nginx basic auth, locally.
TOTP Code Generator
Generate 2FA codes from a Base32 secret, with live countdown, fully client-side.