While I love gpg and truecrypt there's some times when you just want to edit a file and not worry about keys or having to deal needing extra software on hand. Thus, you can use vim's encrypted file format. For more info on vim's encrypted files visit: http://www.vim.org/htmldoc/editing.html#encryption Show Sample Output

Why remember? Generate! Up to 48 chars, works on any unix-like system (NB: BSD use md5 instead of md5sum) Show Sample Output

-B flag = don't include characters that can be confused for other characters (this helps when you give someone their password for the first time so they don't cause a lockout with, for example, denyhosts or fail2ban) -s flag = make a "secure", or hard-to-crack password -y flag = include special characters (not used in the example because so many people hate it -- however I recommend it) "1 10" = output 1 password, make it 10 characters in length For even more secure passwords please use the -y flag to include special characters like so: pwgen -Bsy 10 1 output>> }&^Y?.>7Wu Show Sample Output

According to the gpg(1) manual: --gen-random 0|1|2 count Emit count random bytes of the given quality level 0, 1 or 2. If count is not given or zero, an endless sequence of random bytes will be emitted. If used with --armor the output will be base64 encoded. PLEASE, don't use this command unless you know what you are doing; it may remove precious entropy from the system! If your entropy pool is critical for various operations on your system, then using this command is not recommended to generate a secure password. With that said, regenerating entropy is as simple as: du -s / This is a quick way to generate a strong, base64 encoded, secure password of arbitrary length, using your entropy pool (example above shows a 30-character long password). Show Sample Output

/dev/urandom is cryptographically secure, and indistinguishable from true random, as it gathers data from external sources, influenced by human timing interactions with computers, to fill the entropy pool, and hashes the input with SHA-1. As such, this is a quick way to do a "true random" fair-6 dice roll. Using this method, you could easily create passphrases with Diceware http://diceware.com. Change the head(1) count to something other than 5 for more or less numbers.

for Mac OS X Show Sample Output

The pwgen program generates passwords which are designed to be easily memorized by humans, while being as secure as possible. Human-memorable passwords are never going to be as secure as completely completely random passwords. [from pwgen man page] Show Sample Output

Prepending env LC_CTYPE=C fixes a problem with bad bytes in /dev/urandom on Mac OS X

You need to install "sshpass" for this to work. apt-get install sshpass

Generates password consisting of alphanumeric characters, defaults to 16 characters unless argument given. Show Sample Output

The lifehacker way: http://lifehacker.com/software/top/geek-to-live--encrypt-your-data-178005.php#Alternate%20Method:%20OpenSSL "That command will encrypt the unencrypted-data.tar file with the password you choose and output the result to encrypted-data.tar.des3. To unlock the encrypted file, use the following command:" openssl des3 -d -salt -in encrypted-data.tar.des3 -out unencrypted-data.tar Show Sample Output

Another password maker, for human-unfriendly passwords. '-base64' output will make sure it it can be typed on a keyboard, though the output string length will always be a multiple of 4. Show Sample Output

Feel free to put this in your ~/.profile: random(){ cat /dev/urandom | env LC_CTYPE=C tr -dc $1 | head -c $2; echo; } Then use it to generate passwords: random [:alnum:] 16 Or DNA sequences: random ACGT 256

shell generate random strong password Show Sample Output

Prompts the user for username and password, that are then exported to http_proxy for use by wget, yum etc Default user, webproxy and port are used. Using this script prevent the cleartext user and pass being in your bash_history and on-screen Show Sample Output

Of course you will have to install Digest::SHA and perl before this will work :) Maximum length is 43 for SHA256. If you need more, use SHA512 or the hexadecimal form: sha256_hex() Show Sample Output

Some snippets posted are slow on big dictionaries, this one is fast. Show Sample Output

This restricts things 3 ways: 1. No capitalized words, hence no proper names. 2. No apostrophes. 3. Restricts size to range (3,7) Show Sample Output

Generate a 18 character password from character set a-zA-Z0-9 from /dev/urandom, pipe the output to Python which prints the password on standard out and in crypt sha512 form. Show Sample Output

In this example, where the users gpg keyring has a password, the user will be interactively prompted for the keyring password. If the keyring has no password, same as above, sans the prompt. Suitable for cron jobs. ~/.gnupg/passwd/http-auth.gpg is the encrypted http auth password, for this particular wget use case. This approach has many use cases. example bash functions: function http_auth_pass() { gpg2 --decrypt ~/.gnupg/passwd/http-auth.gpg 2>/dev/null; } function decrypt_pass() { gpg2 --decrypt ~/.gnupg/passwd/"$1" 2>/dev/null; }

Generate a truly random password using noise from your microphone to seed the RNG. This will spit out 12 password with 12 characters each, but you can save this into a bash script and replace 'pwgen -ys 12 12' with 'pwgen $@' so you can pass any paramters to pwgen as you would normally do. Show Sample Output

If the password for the share your trying to mount contains special characters you can use URL escape characters. The above command uses an example as follows: username: user password: p@ss URL Encoded password: p%40ss All credit goes to Richard York: http://www.smilingsouls.net/Blog/20110526100731.html Also check out this URL Decoder/Encoder to convert your passwords. http://meyerweb.com/eric/tools/dencoder/

This function will encrypt a bash script and will only execute it after providing the passphrase. Requires mcrypt to be installed on the system. cat hello #!/bin/bash case "$1" in ""|-h) echo "This is the fantastic Hello World. Try this:" $(basename $0) "[entity]" ;; moon) echo Good night. ;; sun) echo Good morning. ;; world) echo "Hello, world!" ;; *) echo Hi, $@. ;; esac scrypt hello Enter the passphrase (maximum of 512 characters) Please use a combination of upper and lower case letters and numbers. Enter passphrase: Enter passphrase: Stdin was encrypted. cat hello.scrypt . <(echo "$(/usr/bin/tail -n+2 $0|base64 -d|mcrypt -dq)");exit; AG0DQHJpam5kYWVsLTEyOAAgAGNiYwBtY3J5cHQtc2hhMQAV34412aaE8sRzQPQzi09YaNQPedBz aGExAARvB6A/HYValW4txoCFmrlp57lmvhKBbM4p+OUiZcCxr6Y+Mm7ogg3Y14pHi0CrfT70Tubq 9g8/kNJrQr7W/ogHpVuOOdD0YfuRatrV7W2+OlNQ63KX780g4qTHrTqNnyLp8sF5RQ7GwxyZ0Oti kROtVIU4g4+QAtn/k/e7h7yt4404VF1zzCYRSw20wmJz1o/Z0XO7E/DFBr5Bau7bWjnF7CRVtims HGrDwv1miTtAcyB9PknymDxhSyjDUdNhqXGBIioUgqjX1CKgedtO0hQp050MiQd3I6HacpSrVUIW kuuS+BtMrxHDy+48Mh1hidV5JQFP7LP5k+yAVLpeHd2m2eIT1rjVE/Bp2cQVkpODzXcWQDUAswUd vulvj/kWDQ== ./hello This is the fantastic Hello World. Try this: hello [entity] ./hello.scrypt Enter passphrase: This is the fantastic Hello World. Try this: hello.scrypt [entity] ./hello world Hello, world! ./hello.scrypt world Enter passphrase: Hello, world! Show Sample Output