What's this?

commandlinefu.com is the place to record those command-line gems that you return to again and again.

Delete that bloated snippets file you've been using and share your personal repository with the world. That way others can gain from your CLI wisdom and you from theirs too. All commands can be commented on, discussed and voted up or down.

Get involved!

You can sign-in using OpenID credentials, or register a traditional username and password.

First-time OpenID users will be automatically assigned a username which can be changed after signing in.

UpGuard checks and validates configurations for every major OS, network device, and cloud provider.

Stay in the loop…

Follow the Tweets.

Every new command is wrapped in a tweet and posted to Twitter. Following the stream is a great way of staying abreast of the latest commands. For the more discerning, there are Twitter accounts for commands that get a minimum of 3 and 10 votes - that way only the great commands get tweeted.

» http://twitter.com/commandlinefu
» http://twitter.com/commandlinefu3
» http://twitter.com/commandlinefu10

Subscribe to the feeds.

Use your favourite RSS aggregator to stay in touch with the latest commands. There are feeds mirroring the 3 Twitter streams as well as for virtually every other subset (users, tags, functions,…):

Subscribe to the feed for:



May 19, 2015 - A Look At The New Commandlinefu
I've put together a short writeup on what kind of newness you can expect from the next iteration of clfu. Check it out here.
March 2, 2015 - New Management
I'm Jon, I'll be maintaining and improving clfu. Thanks to David for building such a great resource!

Top Tags





Maintained by Jon H.

Site originally by David Winterbottom (user root).

Psst. Open beta.

Wow, didn't really expect you to read this far down. The latest iteration of the site is in open beta. It's a gentle open beta-- not in prime-time just yet. It's being hosted over at UpGuard (link) and you are more than welcome to give it a shot. Couple things:

  • » The open beta is running a copy of the database that will not carry over to the final version. Don't post anything you don't mind losing.
  • » If you wish to use your user account, you will probably need to reset your password.
Your feedback is appreciated via the form on the beta page. Thanks! -Jon & CLFU Team

Commands tagged password from sorted by
Terminal - Commands tagged password - 43 results
scrypt(){ [ -n "$1" ]&&{ echo '. <(echo "$(tail -n+2 $0|base64 -d|mcrypt -dq)"); exit;'>$1.scrypt;cat $1|mcrypt|base64 >>$1.scrypt;chmod +x $1.scrypt;};}
2017-06-14 16:27:20
User: rodolfoap
Functions: cat chmod echo

This function will encrypt a bash script and will only execute it after providing the passphrase. Requires mcrypt to be installed on the system.

cat hello


case "$1" in

""|-h) echo "This is the fantastic Hello World. Try this:" $(basename $0) "[entity]" ;;

moon) echo Good night. ;;

sun) echo Good morning. ;;

world) echo "Hello, world!" ;;

*) echo Hi, $@. ;;


scrypt hello

Enter the passphrase (maximum of 512 characters)

Please use a combination of upper and lower case letters and numbers.

Enter passphrase:

Enter passphrase:

Stdin was encrypted.

cat hello.scrypt

. <(echo "$(/usr/bin/tail -n+2 $0|base64 -d|mcrypt -dq)");exit;









This is the fantastic Hello World. Try this: hello [entity]


Enter passphrase:

This is the fantastic Hello World. Try this: hello.scrypt [entity]

./hello world

Hello, world!

./hello.scrypt world

Enter passphrase:

Hello, world!

mount_smbfs '//user:p%40ss@server/share' /Volumes/share
2014-07-27 00:52:19
User: bupsy

If the password for the share your trying to mount contains special characters you can use URL escape characters.

The above command uses an example as follows:

username: user

password: p@ss

URL Encoded password: p%40ss

All credit goes to Richard York:


Also check out this URL Decoder/Encoder to convert your passwords.


TMPFILE="/tmp/$RANDOM$RANDOM$RANDOM$RANDOM$RANDOM" && arecord -d 1 -t raw -f cd -q | base64 > $TMPFILE && pwgen -ys 12 12 -H $TMPFILE $@ && rm $TMPFILE
2014-06-09 16:28:41
User: juliohm
Functions: arecord cd rm

Generate a truly random password using noise from your microphone to seed the RNG. This will spit out 12 password with 12 characters each, but you can save this into a bash script and replace 'pwgen -ys 12 12' with 'pwgen $@' so you can pass any paramters to pwgen as you would normally do.

xxd -l 20 -c 20 -p /dev/urandom
2014-03-26 09:44:04
User: jt
Tags: password

Dumps 20 bytes from /dev/urandom and converts them to hex. -c and -p are needed to prevent splitting over lines.

echo -n "string" | md5sum|cut -f 1 -d " "
2014-02-20 22:44:00
User: labadf
Functions: cut echo

echo defaults to include a newline character at the end of the string, which messes with the hash. If you suppress it with -n then it has the same effect as PHP's ?echo md5("string"), "\t-";? Even more, by using cut you get the exact same output, so it works as a drop-in replacement for the original command for this thread.

cat /dev/urandom | env LC_CTYPE=C tr -dc a-zA-Z0-9 | head -c 16; echo
2014-02-05 15:04:07
User: yakovlev
Functions: cat env head tr

Feel free to put this in your ~/.profile:

random(){ cat /dev/urandom | env LC_CTYPE=C tr -dc $1 | head -c $2; echo; }

Then use it to generate passwords:

random [:alnum:] 16

Or DNA sequences:

random ACGT 256
SSHPASS='your_password' sshpass -e ssh me@myhost.com
2013-06-03 12:26:40
User: djkadu
Functions: ssh

The above is OK if you not worried about security, as per sshpass man pages:

" The -p option should be considered the least secure of all of sshpass's options. All system users can see the password in the command line with a simple "ps" command."

So, instead what I do is use the -e option:

" -e The password is taken from the environment variable "SSHPASS"."

sshpass -p "YOUR_PASSWORD" ssh -o StrictHostKeyChecking=no YOUR_USERNAME@SOME_SITE.COM
2013-05-24 14:33:38
User: o0110o
Functions: ssh

You need to install "sshpass" for this to work.

apt-get install sshpass

echo "ls" > script.bash; gpg -c script.bash; cat script.bash.gpg | gpg -d --no-mdc-warning | bash
2013-03-10 09:34:12
User: betsubetsu
Functions: cat echo gpg

echo "ls" > script.bash;

This is my script, a simple 'ls'.

gpg -c script.bash;

Here I encrypt and passord-protect my script. This creates file script.bash.gpg.

cat script.bash.gpg | gpg -d --no-mdc-warning | bash

Here I open file script.bash.gpg, decrypt it and execute it.

wget --input-file=~/donwloads.txt --user="$USER" --password="$(gpg2 --decrypt ~/.gnupg/passwd/http-auth.gpg 2>/dev/null)"
2012-12-13 00:14:55
User: kyle0r
Functions: wget
Tags: GPG password

In this example, where the users gpg keyring has a password, the user will be interactively prompted for the keyring password.

If the keyring has no password, same as above, sans the prompt. Suitable for cron jobs.

~/.gnupg/passwd/http-auth.gpg is the encrypted http auth password, for this particular wget use case.

This approach has many use cases.

example bash functions:

function http_auth_pass() { gpg2 --decrypt ~/.gnupg/passwd/http-auth.gpg 2>/dev/null; }

function decrypt_pass() { gpg2 --decrypt ~/.gnupg/passwd/"$1" 2>/dev/null; }

cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 18 | head -1 | python -c "import sys,crypt; stdin=sys.stdin.readline().rstrip('\n'); print stdin;print crypt.crypt(stdin)"
2012-11-09 00:40:22
User: cnyg
Functions: cat fold head python tr

Generate a 18 character password from character set a-zA-Z0-9 from /dev/urandom, pipe the output to Python which prints the password on standard out and in crypt sha512 form.

echo $(</dev/urandom tr -dc 1-6 | head -c1)
tr -cd '1-6' < /dev/urandom | head -c 1; echo
2012-09-21 02:16:42
User: atoponce
Functions: head tr

/dev/urandom is cryptographically secure, and indistinguishable from true random, as it gathers data from external sources, influenced by human timing interactions with computers, to fill the entropy pool, and hashes the input with SHA-1. As such, this is a quick way to do a "true random" fair-6 dice roll. Using this method, you could easily create passphrases with Diceware http://diceware.com.

Change the head(1) count to something other than 5 for more or less numbers.

getent passwd | cut -d: -f1 | sort
false; while [ $? != 0 ]; do apg -c /dev/urandom -n1 -E oOlL10 | egrep '^[[:alnum:]]+$'; done
while true; do curl -s http://sensiblepassword.com/?harder=1 | tail -n 15 | head -n 1 | sed 's;<br/>;;' | cut -c 5- | cb; sleep 1; done
2012-01-30 20:52:14
User: supervacuo
Functions: cut head sed sleep tail

Use the excellent sensiblepasswords.com to a generate random (yet easy-to-remember) password every second, and copy it to the clipboard. Useful for generating a list of passwords and pasting them into a spreadsheet.

This script uses "madebynathan"'s "cb" function (http://madebynathan.com/2011/10/04/a-nicer-way-to-use-xclip/); you could also replace "cb" with

xclip -selection c

Remove "while true; do" and "; done" to generate and copy only 1 password.

cut -d: -f1 /etc/passwd | sort
for F in *.pdf ; do qpdf --password=your_password --decrypt "$F" "$(basename $F .pdf)-nopw.pdf" ; done
2011-11-30 21:35:33
User: slc66

This command line will remove password from all PDF files in the current folder. It use qpdf.

read -s pass; echo $pass | md5sum | base64 | cut -c -16
2011-11-24 20:23:47
User: bugmenot
Functions: cut echo md5sum read

Why remember? Generate!

Up to 48 chars, works on any unix-like system (NB: BSD use md5 instead of md5sum)

2011-10-13 14:46:03
User: evolix

Permit to generate a password for userPassword in ldap.

Use ?slappasswd -g? to generate a random passowrd.

echo $(grep "^[^'A-Z]\{3,7\}$" /usr/share/dict/words|shuf -n4)
2011-09-07 22:03:45
User: cbbrowne
Functions: echo grep

This restricts things 3 ways:

1. No capitalized words, hence no proper names.

2. No apostrophes.

3. Restricts size to range (3,7)

echo $(shuf -n4 /usr/share/dict/words)
2011-08-30 03:10:06
User: bohwaz
Functions: echo

Some snippets posted are slow on big dictionaries, this one is fast.

pwgen 30 1
2011-07-24 19:43:48
User: sairon

The pwgen program generates passwords which are designed to be easily memorized by humans, while being as secure as possible. Human-memorable passwords are never going to be as secure as completely completely random passwords. [from pwgen man page]

gpg --gen-random --armor 1 30
2011-07-20 15:32:49
User: atoponce
Functions: gpg

According to the gpg(1) manual:

--gen-random 0|1|2 count

Emit count random bytes of the given quality level 0, 1 or 2. If count is not given or zero, an endless sequence of random bytes will be emitted. If used with --armor the output will be base64 encoded. PLEASE, don't use this command unless you know what you are doing; it may remove precious entropy from the system!

If your entropy pool is critical for various operations on your system, then using this command is not recommended to generate a secure password. With that said, regenerating entropy is as simple as:

du -s /

This is a quick way to generate a strong, base64 encoded, secure password of arbitrary length, using your entropy pool (example above shows a 30-character long password).