Skip to main content

Verifying Access Server Downloads with SHA256SUM

When downloading Access Server files manually, you can ensure that the files you receive are authentic and have not been tampered with. One way to do this is using SHA256 checksums, which provide a unique signature for each file. You can compare this signature with the one we provide to confirm the integrity of the downloaded files. If the checksum matches, you can be confident that the file is intact and authentic.

SHA256 checksums for Access Server files

Artifacts

File Name

SHA256SUM

openvpn-as-2.14.2_40b190d8-1.el8.x86_64.rpm

6fe707e92df51546f3ea86fe2c055721c7e62613ff603f124a62f8a52112aaab

openvpn-as-2.14.2_40b190d8-1.el9.x86_64.rpm

e07756ca1262e34da3d529310e05b377546fb6b4692544a1f2b9923604b1700e

openvpn-as_2.14.2-40b190d8-Debian11_amd64.deb

a0d7d015873fb805ff9c9d911d836727f47238b510fa4dd0a00a13b19bc4bbd5

openvpn-as_2.14.2-40b190d8-Debian12_amd64.deb

675554c09aed6b4232f3a8e4dffad5c656bf43c3153741c55ce5ce9e5e0d2e41

openvpn-as_2.14.2-40b190d8-Ubuntu20_amd64.deb

2a0cbb81713bb58b2803c7ff82b5eb71944a1b2c69f169dad1ad8317e740e42b

openvpn-as_2.14.2-40b190d8-Ubuntu20_arm64.deb

649bd6b1aed407d18ca7dffcf138d28c8b65ed7b5571b6af1fb4b05354b8c2ec

openvpn-as_2.14.2-40b190d8-Ubuntu22_amd64.deb

b35a57f61ee293c0cd51ca197d04a48cb774cbd7a3dfc24501a81bac2daf0973

openvpn-as_2.14.2-40b190d8-Ubuntu22_arm64.deb

67c670d2a1c84d832f2a87ac073fa4f5c19e4d6c8564210788e35e4d5191491b

openvpn-as_2.14.2-40b190d8-Ubuntu24_amd64.deb

f36f3802e25a0ebfd35f6921f1dee3a215d4359467f0d15d4305bba7ba1787be

openvpn-as_2.14.2-40b190d8-Ubuntu24_arm64.deb

0c8a9e9181882b135928df453dda436b8aaa9eb2293d4894c35bf43f6640e9a6

openvpn-as-bundled-clients_32_all.deb

9114c7dc205184ec199949ee2c7fd96b2942fa71df1f91d085c37cf397b3a76f

openvpn-as-bundled-clients-32-1.noarch.rpm

f7276e6475fedf701eb34ffcf4dd8b69e4f244eb43e7df096151dde7813fb1e7

Scripts

File Name

SHA256SUM

Version

install.sh

18a1d2fb5ed3ac2d0decb93cc78d8e2fe03808a1d3c925122dcd928aa194fb01

1.3

bridge-down.sh

279a3321fd2760d6eb1acb0ba71c9b862bc33c9ced1efa775142d4697b28a848

1.0

bridge-up.sh

5538ee6e9d6cb2e2bb5882d54c69fd044ca89375c1406ad5432877d01369c091

1.0

ipsec.conf

0123c2613e9a605bb3f2f8817d1e466cbd9f2410450c7e7ddf8f353e4ea9042a

1.0

ipsec.secrets

df247bc3b5d82dc5a30539893a23731b73979345db2a18314cd8b641d367de75

1.0

ipsec.sh

131a9627a686fff6a1cbc067339a3c11057ca1dcf29108805217b6a16036ddff

1.0

pascrs.py

a260aaf39d7b8d3cf6474a852c69a50c7929c4839d5a323a1671fbc69949e9b2

1.0

pasvar.py

4c1c45fa98b39d3372a7da1fcc6437241cb46a111ae98cb60a3e08c5428c0a44

1.0

post_auth_custom_auth.py

55f2fdb1d7b38d635b57443f4ab0e9aee2717d94e06ec5b14c36ca4a36397a08

1.0

post_auth_ip_address_checking.py

c62a78ec338815f9548f77d76166b5a2c050d79db6471fcf9f7fc040fa7d3741

1.0

post_auth_ldap_autologin_dbsave.py

f96dc0a01f9794e9afa10a19df507c0b4cccc6815b440ffbeadad9e536a1827f

1.0

post_auth_mac_address_checking.py

a8adb293a50d304fb82b55adaafde21e1d2fe3d136523c127f5df11feb4604af

2.0

post_auth_pas_only.py

dcb41038549de251461559fb25c25e369a32c72685492ce5005a793fc52d508a

1.0

post_auth_radius_mapping.py

1e6537b8ee39d3eda25ae65548ffc91180f456ce3ce8780e89a5d804fce9866a

2.0

post_auth_saml_group_mapping.py

0fe484cca8c7169653b9ec52b41f96264080f819b1818924c6a698b9c7771400

1.0

What is SHA256SUM?

SHA256SUM is a tool that generates a 256-bit hash (a unique string of characters) for a file. A calculation based on the file's contents generates this hash, and if even one byte of the file changes, the hash will be completely different. By comparing the hash of your downloaded file with the official hash provided by us, you can verify that the file hasn't been altered or corrupted.

Why verify files with SHA256SUM?

  1. Verifying the file ensures it wasn't corrupted during the download process.

  2. Comparing the checksum helps protect against any unauthorized modifications to the file.

  3. Downloading a file from an official source may not always guarantee safety if the file is intercepted and altered. To ensure the file is legitimate, you should verify the checksum.

How to verify your download

We recommend using the install.sh script from the Access Server Portal, as it leverages the operating system's built-in package manager to automatically authenticate packages with a trusted signing key, eliminating the need for manual verification. However, if preferred, you can manually validate the install.sh script's integrity using the SHA256 checksum provided in the table below.

For offline installations, you can manually check the integrity of any downloaded files using the provided SHA256 hashes. To verify a downloaded file, follow these steps:

  1. Connect to the console and get root privileges.

  2. Download the install script from the Access Server portal or manually download the Access Server file.

  3. Calculate the checksum of your downloaded file:

    sha256sum openvpn-as-x.deb1

    1

    Replace the filename with the file you want to check the integrity of.

  4. After running the command, the tool returns a checksum.

  5. Compare the checksum with the one listed for the file in the table below. If it matches, your file is authentic.

Important Notes

  • If you're using the installation script from the Access Server Portal, you can verify the integrity of install.sh with the last line in the table.

  • The easiest method to ensure the authenticity of Access Server installation files is to use our install script, which leverages the operating system's built-in package manager to authenticate downloaded packages using a trusted signing key automatically. This eliminates the need for manual file verification. However, suppose you prefer downloading the installation files manually, such as offline installations. In that case, you can authenticate their integrity by comparing the files against the provided SHA256 hashes to ensure they haven't been tampered with or corrupted.

In this section: