Monday, July 13, 2009

Shell: Linux Password Generator

A simple bash function to generate secure passwords with standard Unix programs:

function mkpw() { head /dev/urandom | uuencode -m - | sed -n 2p | cut -c1-${1:-8}; }
Add that to your ~/.bashrc file. The password length can be specified as an argument (defaults to 8).
Example usage:

$ mkpw
$ mkpw 10
On Ubuntu, the uuencode program is in the sharutils package. Alternatively, you could replace uuencode with md5sum or sha1sum, which would restrict the passwords to hex digits (and which would therefore make them appropriate for WEP keys and the like):

function mkpw_md5() { head /dev/urandom | md5sum | cut -c1-${1:-8}; }
function mkpw_sha1() { head /dev/urandom | sha1sum | cut -c1-${1:-8}; }


somecallmemike said...

Cool script, I took out the guts of the function and used it in a shell script to deploy a couple hundred accounts on our web server that needed unique passwords.


Unknown said...

Interesting post, and full of useful ideas, but I'm a little concerned about the behavior of head there. I'm very new to this stuff, though, so if I'm wrong, please do correct me!

Anyway, as written, doesn't that function have the potential to suck hundreds (or thousands!) of characters out of /dev/urandom, killing your entropy pool, just for eight bytes of randomness? It seems like using head's -c option right up front would be more economical. Any thoughts?

Anonymous said...
This comment has been removed by a blog administrator.