Ask HN: Should I implement my own integrity checks on my fileserver?

2•jacobwilliamroy•8mo ago

So I have an SFTP server [Ubuntu 24.04.2 LTS (GNU/Linux 6.8.0-55-generic x86_64)] and an SFTP client (Windows 11): the client downloads files from the SFTP server. I had an idea to implement integrity checks by hashing the file on server side and also hashing the client's copy of the file after it is downloaded, then comparing the hashes to ensure the data was downloaded correctly. My question is: should I spend time implementing this? Does the OS already do this? This seems like something an OS should do.

Comments

PaulHoule•8mo ago

It could be expensive for the OS to update a secure hash for a file every time you write() to it.

daveguy•8mo ago

SFTP protocol includes checksum hashing on each packet sent. So corruption from the network is very unlikely (as it is also encrypted).

On the write to disk side, you are probably best off using ZFS or btrfs as the filesystem. These contain the option for similar integrity checks / error correction on write.

What is your threat model? Are you concerned about adversarial changes to the data or just prevention of corruption? Either way an adversary would have to be deep in your system or mitm to get around the transfer protocol protections. And the transfer protocols used by SFTP should handle random network corruption.

jacobwilliamroy•8mo ago

I am only trying to ensure the data on the local system is the same as the data on the server. There is no adversary in the middle modifying data; so this is strictly about detecting corruption.

Discovering the "original" iPhone from 1995 [video]

Psychometric Comparability of LLM-Based Digital Twins

SidePop – track revenue, costs, and overall business health in one place

The Other Markov's Inequality

The Cascading Effects of Repackaged APIs [pdf]

Lightweight and extensible compatibility layer between dataframe libraries

Haskell for all: Beyond agentic coding

Dorsey's Block cutting up to 10% of staff

Show HN: Freenet Lives – Real-Time Decentralized Apps at Scale [video]

In the AI age, 'slow and steady' doesn't win

Administration won't let student deported to Honduras return

How were the NIST ECDSA curve parameters generated? (2023)

AI, networks and Mechanical Turks (2025)

Goto Considered Awesome [video]

Show HN: I Built a Free AI LinkedIn Carousel Generator

Implementing Auto Tiling with Just 5 Tiles

Open Challange (Get all Universities involved

Apple Tried to Tamper Proof AirTag 2 Speakers – I Broke It [video]

Show HN: Isolating AI-generated code from human code | Vibe as a Code

Show HN: More beautiful and usable Hacker News

Toledo Derailment Rescue [video]

War Department Cuts Ties with Harvard University

Show HN: LocalGPT – A local-first AI assistant in Rust with persistent memory

A Bid-Based NFT Advertising Grid

AI readability score for your documentation

NASA Study: Non-Biologic Processes Don't Explain Mars Organics

I inhaled traffic fumes to find out where air pollution goes in my body

X said it would give $1M to a user who had previously shared racist posts

155M US land parcel boundaries

Private Inference