You can use this to check to see if anyone has modified, updated, upgraded, added, or removed any files on your system. After you’ve configured a system the way you want it, dump hash files for all the important directories, /etc, /bin, /usr/local, etc., or just dump the whole thing. Move the output to another system. Now if you want to check to see if something has changed, you can hash the file(s) in question and grep for the hash.

Instead of storing whole dd images, even if they’re just backups of small partitions, you can save space and bandwidth by piping dd into a compression utility like gzip. You can then unzip the files straight into sha1sum to get a checksum of what you just backed up.

You might want to do this to make sure a set of configuration files don’t get changed, or to figure out which files get changed when you build that random source code as root! (note to self: don’t make as root unless you have to, rpmbuild is bad enough!)