Welcome to Software Development on Codidact!
Will you help us build our independent community of developers helping developers? We're small and trying to grow. We welcome questions about all aspects of software development, from design to code to QA and more. Got questions? Got answers? Got code you'd like someone to review? Please join us.
Post History
"Hash Sum mismatch" printed by apt-get on Debian and derivatives means that the file as downloaded had a different cryptographic checksum (hash) than what's listed in the packages list. In this ca...
Answer
#1: Initial revision
"Hash Sum mismatch" printed by `apt-get` on Debian and derivatives means that the file as downloaded had a different cryptographic checksum (hash) than what's listed in the packages list. In this case, the package list is the one at http://us.archive.ubuntu.com/ubuntu/dists/focal-updates/main/binary-amd64 which lists the expected SHA256 hash as 9d469246b988425afdfef1011f72cfc6ece473e4dd35193005a81c7b73d865b6, consistent with what you show but not with the file that apparently ends up being downloaded. There are four main reasons that I can think of why you might see such an error: * The package archive is in the process of being updated; this seems unlikely, and if that's the case, the situation should be resolved soon and after at most an `apt-get update` * There is an error in the packaging process (basically, the distribution vendor screwed up somewhere); if so, if the situation isn't resolved soon, you should file a bug report with them against the affected package * Your system is somehow misconfigured, and you need to figure out why it's downloading mismatched package manifests and package files; however, if that were the case, I would expect you to be having similar difficulties with most or all packages, not just a single one * There is an active attack going on somewhere, causing you to receive different packages lists and actual package files; in this case, the tools are doing their job by preventing you from installing packages with unexpected, unknown and potentially dangerous contents You can try to spin up a VM with the same release of Ubuntu and no customizations and try to install the affected package there; if *that* works, it's likely something local to your system, and you need to figure out in what way it's misconfigured and how to fix that (which is decidedly not a software development problem, but might very well be a [Linux](https://linux.codidact.com/) question). If that doesn't work either, and the situation doesn't get resolved in a day or two at most and with no more action on your part than an `apt-get update`, especially if you haven't made changes to your package manager configuration around the time when this started, then you are likely justified in filing a bug report against the affected package and distribution version with your distribution vendor.