TIPS: generate a crypt password in Linux

BKJIA quick translation: When we use the Red Hat Kickstart script or useradd or other methods to write things, we often need to use the password format encrypted by the crypt command. Is there any other way to generate a password in this format? In fact, there are many methods.

We can use the mkpasswd command: this command is used to generate a password in crypt format:

mkpasswd

After the command is entered, the program requires a password and then generates a string in crypt format.

If you use an Apache Web server, you can also use htpasswd:

htpasswd -nd user

User Name) It doesn't matter what it is called. We focus on passwords. This command will output a user: password string, directly copy the password field and it will be OK.

With OpenSSL, you can use the openssl command:

openssl passwd -crypt myPassword

Replace the myPassword in the above command with the password string you want to use.

There are other ways to directly input commands in the command line. However, there is a problem with this method, that is, the password can be seen in the ps command, the password is recorded in the shell history.

However, there is a solution to this problem: Use a script or a language interpreter.

For example, use Perl:

perl -e "print crypt('password','sa');"

Perl requires an encryption salt. For example, sasalt indicates the random string used in encryption. different salts can generate different encryption results ).

Ruby also needs encryption salt:

ruby -e 'print "password".crypt("JU"); print("\n");'

PHP can also:

php -r "print(crypt('password','JU') . \"\n\");"

Note that if encryption salt is not used, such as JU in the preceding command, the output string is not in crypt encryption format, but in MD5 encryption format. Therefore, encrypted salt is a required parameter.

Python needs to import the crypt library and use the encryption salt:

python -c 'import crypt; print crypt.crypt("password","Fx")'

The encryption salt here is Fx.

The database can also generate a crypt password. For example, MySQL:

echo "select encrypt('password');" | mysql

In addition, the trf in Tcl and Ubuntu, as well as the Lua-crypt plug-in of lua, can achieve the same purpose.

Please add other methods!

English Source