Linux password hash generator

Generate passwords and encrypt/decrypt content in Linux

OpenSSL is one of the utilities available with all major Linux distributions. We can use the same to encrypt and decrypt passwords in Linux to protect sensitive data.

Generate Random Passwords

We can utilities like mkpasswd or pwgen to generate random passwords if needed:

# generates multiple 8-character passwords pwgen # generates single random password makepasswd # generates multiple 12-character passwords pwgen 12 makepasswd --chars=12 # generates specified 12-character passwords, say 5 pwgen 12 5 makepasswd --chars=12 --count=5

Generate Encrypted/Hashed Passwords

We can generated encrypted passwords with utilities like makepasswd :

# generates 12-character password and encrypted password with crypt algorithm makepasswd --chars=12 --crypt # generates 12-character password and encrypted password with crypt algorithm + salt makepasswd --chars=12 --crypt --cryptsalt=20 # generates 12-character password and encrypted md5 password makepasswd --chars=12 --crypt-md5

With openssl , we can generated hashed-passwords for supplied password as input:

# generates hashed password with crypt algorithm openssl passwd -crypt my_password # generates hashed password with crypt algorithm + salt openssl passwd -crypt -salt my_salt my_password # generates hashed md5 password openssl password -1 my_password # generates hashed sha-256/512 password openssl password -5 my_password

Encrypting Contents with OpenSSL

Lets say we have a file with some sensitive content. We can encrypt sensitive content, say “my_content” with openssl with different encryption algorithms in the below manner:

# encrypt string with algorithm pbkdf2 with randomly generated salt and input password echo «my_content» | openssl enc -pbkdf2 -a -salt -pass pass:my_password # decrypt string (encoded as above) # note: just add parameter -d to above openssl parameters echo «bXlfY29udGVudAo=» | openssl enc -pbkdf2 -a -d -salt -pass pass:my_password # encrypt string with algorithm aes-256-cbc with randomly generated salt and input password echo «my_content» | openssl enc -aes-256-cbc -a -salt -pass pass:my_password # decrypt string (encoded as above) # note: just add parameter -d to above openssl parameters echo «U2FsdGVkX19MdDInWumh31tKJoqR5HQwSXlxj3NiRC8 wp-block-code»> cloud_user@d7e5dc06581c:~$ echo «my_content» | openssl enc -pbkdf2 -a -salt -pass pass:my_password bXlfY29udGVudAo= cloud_user@d7e5dc06581c:~$ echo «bXlfY29udGVudAo=» | openssl enc -pbkdf2 -a -d -salt -pass pass:my_password my_content cloud_user@d7e5dc06581c:~$ echo «my_content» | openssl enc -aes-256-cbc -a -salt -pass pass:my_password *** WARNING : deprecated key derivation used. Using -iter or -pbkdf2 would be better. U2FsdGVkX19MdDInWumh31tKJoqR5HQwSXlxj3NiRC8= cloud_user@d7e5dc06581c:~$ echo «U2FsdGVkX19MdDInWumh31tKJoqR5HQwSXlxj3NiRC8 jp-post-flair» >

Читайте также:  Сколько устанавливается linux mint

Источник

How to Generate, Encrypt and Decrypt Random Passwords in Linux

In this article, we will share some interesting command-line tools to generate random passwords and also how to encrypt and decrypt passwords with or without the slat (a security measure used in password hashing) method.

Security is one of the major concerns of the digital age. We set passwords to computers, email, cloud, phones, documents, and whatnot. We all know the basic to choose a password that is easy to remember and hard to guess.

What about some sort of machine-based password generation automatically using pwgen or makepasswd – a command-line password generator used to generate random passwords based on length, complexity, and character.

PWgen – Generate a Random Password on Linux

To generate a random unique password of length equal to 10 characters use the ‘pwgen‘ command. If you have not installed pwgen, you can install it using your respective package managers as shown.

$ sudo apt install pwgen [On Debian, Ubuntu and Mint] $ sudo yum install pwgen [On RHEL/CentOS/Fedora and Rocky/AlmaLinux] $ sudo emerge -a sys-apps/pwgen [On Gentoo Linux] $ sudo apk add pwgen [On Alpine Linux] $ sudo pacman -S pwgen [On Arch Linux] $ sudo zypper install pwgen [On OpenSUSE]

Once ‘pwgen‘ is installed, you can use it to generate a single password as shown.

To generate several random unique passwords of character length 50 in one go, use:

pwgen - Generate Random Passwords

Makepasswd – Generate Unique Passwords on Linux

The makepasswd command is another password generator that is used to generate unique random passwords based on a given length.

Читайте также:  Check opened files linux

Before you can use the makepasswd command, make sure you have installed it. If not, you may install it using your distribution’s package manager as shown.

$ sudo apt install makepasswd [On Debian, Ubuntu and Mint] $ sudo yum install makepasswd [On RHEL/CentOS/Fedora and Rocky/AlmaLinux] $ sudo emerge -a sys-apps/makepasswd [On Gentoo Linux] $ sudo apk add makepasswd [On Alpine Linux] $ sudo pacman -S makepasswd [On Arch Linux] $ sudo zypper install makepasswd [On OpenSUSE]

To generate a random password of character length 10 (default value is 10).

To generate a random password of character length 50.

To generate 7 random passwords of 20 characters.

$ makepasswd --char 20 --count 7

makepasswd - Generate Random Passwords

mkpasswd – Encrypt a Password in Linux

To encrypt a password using crypt (a Python standard library) along with the salt method.

For those who may not be aware of salt, which is random data that serves as an additional input to a one-way function in order to protect passwords against dictionary attacks.

The mkpasswd command is a part of the whois package, and it is not installed on most modern Linux distributions, you need to install it using your distribution’s package manager.

$ sudo apt install whois [On Debian, Ubuntu and Mint] $ sudo yum install whois [On RHEL/CentOS/Fedora and Rocky/AlmaLinux] $ sudo emerge -a sys-apps/whois [On Gentoo Linux] $ sudo apk add whois [On Alpine Linux] $ sudo pacman -S whois [On Arch Linux] $ sudo zypper install whois [On OpenSUSE]

Now run the makepasswd command, which will encrypt the password with salt. The salt value is taken randomly and automatically. Hence every time you run the below command it will generate different outputs because it is accepting a random value for salt every time.

Читайте также:  Find files greater than linux

Running the above command will generate a random salt value and use it to create the password hash for the password “tecmint.” The output will include the generated password hash.

To generate an SHA-512 password hash with the password “tecmint”, you can use the following command:

$ mkpasswd -m sha-512 tecmint

The output will be the generated password hash, which you can use for password storage or authentication purposes.

Moreover, mkpasswd is interactive and if you don’t provide a password along with the command, it will ask password interactively.

mkpasswd - Encrypt Password in Linux

Encrypt a String with Password in Linux

To encrypt a string say “Tecmint-is-a-Linux-Community” using aes-256-cbc encryption using a password say “tecmint” and salt.

$ echo Tecmint-is-a-Linux-Community | openssl enc -aes-256-cbc -a -salt -pass pass:tecmint -pbkdf2

Here in the above example, the output of the echo command is pipelined with the openssl command that passes the input to be encrypted using Encoding with Cipher (enc) that uses aes-256-cbc encryption algorithm with salt it is encrypted using the password (tecmint) and -pbkdf2 algorithm.

Encrypt String with Password in Linux

Decrypt a String in Linux

To decrypt the above string use the openssl command using the -aes-256-cbc decryption.

# echo U2FsdGVkX18Zgoc+dfAdpIK58JbcEYFdJBPMINU91DKPeVVrU2k9oXWsgpvpdO/Z | openssl enc -aes-256-cbc -a -d -salt -pass pass:tecmint

Decrypt String in Linux

That’s all for now. If you know any such tips and tricks you may share in the comment section, your tip will be published under your name and also we will include it in our future article.

Источник

Оцените статью
Adblock
detector