Hide

What's this?

commandlinefu.com is the place to record those command-line gems that you return to again and again.

Delete that bloated snippets file you've been using and share your personal repository with the world. That way others can gain from your CLI wisdom and you from theirs too. All commands can be commented on, discussed and voted up or down.


Get involved!

You can sign-in using OpenID credentials, or register a traditional username and password.

First-time OpenID users will be automatically assigned a username which can be changed after signing in.

Universal configuration monitoring and system of record for IT.
Hide

Stay in the loop…

Follow the Tweets.

Every new command is wrapped in a tweet and posted to Twitter. Following the stream is a great way of staying abreast of the latest commands. For the more discerning, there are Twitter accounts for commands that get a minimum of 3 and 10 votes - that way only the great commands get tweeted.

» http://twitter.com/commandlinefu
» http://twitter.com/commandlinefu3
» http://twitter.com/commandlinefu10

Subscribe to the feeds.

Use your favourite RSS aggregator to stay in touch with the latest commands. There are feeds mirroring the 3 Twitter streams as well as for virtually every other subset (users, tags, functions,…):

Subscribe to the feed for:

Hide

News

May 19, 2015 - A Look At The New Commandlinefu
I've put together a short writeup on what kind of newness you can expect from the next iteration of clfu. Check it out here.
March 2, 2015 - New Management
I'm Jon, I'll be maintaining and improving clfu. Thanks to David for building such a great resource!
Hide

Top Tags

Hide

Functions

Psst. Open beta.

Wow, didn't really expect you to read this far down. The latest iteration of the site is in open beta. It's a gentle open beta-- not in prime-time just yet. It's being hosted over at UpGuard (link) and you are more than welcome to give it a shot. Couple things:

  • » The open beta is running a copy of the database that will not carry over to the final version. Don't post anything you don't mind losing.
  • » If you wish to use your user account, you will probably need to reset your password.
Your feedback is appreciated via the form on the beta page. Thanks! -Jon & CLFU Team

Generate a random password 30 characters long

Terminal - Generate a random password 30 characters long
strings /dev/urandom | grep -o '[[:alnum:]]' | head -n 30 | tr -d '\n'; echo
2009-02-16 00:39:28
User: jbcurtis
Functions: grep head strings tr
49
Generate a random password 30 characters long

Find random strings within /dev/urandom. Using grep filter to just Alphanumeric characters, and then print the first 30 and remove all the line feeds.

Alternatives

There are 5 alternatives - vote for the best!

Terminal - Alternatives
pwgen -Bs 10 1
2009-12-01 14:33:51
15

-B flag = don't include characters that can be confused for other characters (this helps when you give someone their password for the first time so they don't cause a lockout with, for example, denyhosts or fail2ban)

-s flag = make a "secure", or hard-to-crack password

-y flag = include special characters (not used in the example because so many people hate it -- however I recommend it)

"1 10" = output 1 password, make it 10 characters in length

For even more secure passwords please use the -y flag to include special characters like so:

pwgen -Bsy 10 1

output>> }&^Y?.>7Wu

< /dev/urandom tr -dc _A-Z-a-z-0-9 | head -c6
2009-02-24 09:43:40
User: Blackbit
Functions: head tr
11

If you want a password length longer than 6, changing the -c6 to read -c8 will give you 8 random characters instead of 6. To end up with a line-feed, use this with echo:

# echo `< /dev/urandom tr -dc _A-Z-a-z-0-9 | head -c6`

gpg --gen-random --armor 1 30
2011-07-20 15:32:49
User: atoponce
Functions: gpg
10

According to the gpg(1) manual:

--gen-random 0|1|2 count

Emit count random bytes of the given quality level 0, 1 or 2. If count is not given or zero, an endless sequence of random bytes will be emitted. If used with --armor the output will be base64 encoded. PLEASE, don't use this command unless you know what you are doing; it may remove precious entropy from the system!

If your entropy pool is critical for various operations on your system, then using this command is not recommended to generate a secure password. With that said, regenerating entropy is as simple as:

du -s /

This is a quick way to generate a strong, base64 encoded, secure password of arbitrary length, using your entropy pool (example above shows a 30-character long password).

cat /dev/urandom | tr -dc A-Za-z0-9 | head -c 32
pwgen 30 1
2011-07-24 19:43:48
User: sairon
6

The pwgen program generates passwords which are designed to be easily memorized by humans, while being as secure as possible. Human-memorable passwords are never going to be as secure as completely completely random passwords. [from pwgen man page]

Know a better way?

If you can do better, submit your command here.

What others think

Add punctuation to the character set by using '[[:alnum:][:punct:]]' in the grep command.

Comment by hypatiafu 392 weeks and 2 days ago

OK, this is what I settled on to remove ambiguous characters:

strings /dev/urandom | grep -o '[[:graph:]]' | grep '[^0O1l]' | head -n 20 | tr -d '\n'; echo
Comment by hypatiafu 392 weeks and 2 days ago

I prefer http://sourceforge.net/projects/pwgen/ for generating random passwords. Shorter and more flexible.

Comment by Confusion 391 weeks and 4 days ago

I like apg: http://www.adel.nursat.kz/apg/

Comment by renich 391 weeks and 1 day ago

of course you can use a pre-built application, but if you did, you wouldn't be exercising your command-line-fu!

Comment by hypatiafu 390 weeks and 4 days ago

Doesn't seem to do anything on Mac OS X 10.5

Comment by tamouse 385 weeks and 3 days ago

cat /dev/urandom | strings | grep -o '[[:alnum:]]' | head -n 30 | tr -d '\n'; echo

works on Macs

Comment by tamouse 385 weeks and 3 days ago

i usually use this one:

cat /dev/urandom | tr -cd 0-9a-zA-Z | head -c 30

it's short and comes handy in scripts, e.g. asigning random names for loops etc.

Comment by bubo 383 weeks and 4 days ago

strings: Warning: '/dev/urandom' is not an ordinary file

Comment by hm2k 360 weeks and 6 days ago

' grep -io [[:alnum:]] ' may be much faster than -o only

Comment by mhoudg 287 weeks and 4 days ago

Your point of view

You must be signed in to comment.