sitepass() { echo -n "$@" | md5sum | sha1sum | sha224sum | sha256sum | sha384sum | sha512sum | gzip - | strings -n 1 | tr -d "[:space:]" | tr -s '[:print:]' | tr '!-~' 'P-~!-O' | rev | cut -b 2-11; history -d $(($HISTCMD-1)); }

generate a unique and secure password for every website that you login to

usage: sitepass MaStErPaSsWoRd example.com description: An admittedly excessive amount of hashing, but this will give you a pretty secure password, It also eliminates repeated characters and deletes itself from your command history. tr '!-~' 'P-~!-O' # this bit is rot47, kinda like rot13 but more nerdy rev # this avoids the first few bytes of gzip payload, and the magic bytes.
Sample Output
$ sitepass  iHeartLinux commandlinefu.com
^Uk+j{,jl~

14
By: syssyphus
2009-10-01 20:14:57

These Might Interest You

  • This is a safest variation for "sitepass function" that includes a SALT over a long loop for sha512sum hash Show Sample Output


    -4
    sitepass2() {salt="this_salt";pass=`echo -n "$@"`;for i in {1..500};do pass=`echo -n $pass$salt|sha512sum`;done;echo$pass|gzip -|strings -n 1|tr -d "[:space:]"|tr -s '[:print:]' |tr '!-~' 'P-~!-O'|rev|cut -b 2-15;history -d $(($HISTCMD-1));}
    Soubsoub · 2010-12-09 08:42:24 1
  • ZenCart uses a MD5 with a salt to secure its passwords. If you need to forcibly change someone's password to a known value within the database, this one-liner can generate the password. Change the value of 'p' to the password you want. Show Sample Output


    1
    python -c 'p="SeCuR3PwD";import hashlib as h;s=h.md5(p).hexdigest()[:2];pw=h.md5(s+p).hexdigest();print pw+":"+s;'
    Xiol · 2011-10-16 18:49:08 1
  • According to the gpg(1) manual: --gen-random 0|1|2 count Emit count random bytes of the given quality level 0, 1 or 2. If count is not given or zero, an endless sequence of random bytes will be emitted. If used with --armor the output will be base64 encoded. PLEASE, don't use this command unless you know what you are doing; it may remove precious entropy from the system! If your entropy pool is critical for various operations on your system, then using this command is not recommended to generate a secure password. With that said, regenerating entropy is as simple as: du -s / This is a quick way to generate a strong, base64 encoded, secure password of arbitrary length, using your entropy pool (example above shows a 30-character long password). Show Sample Output


    10
    gpg --gen-random --armor 1 30
    atoponce · 2011-07-20 15:32:49 2
  • (Please see sample output for usage) script.bash is your script, which will be crypted to script.secure script.bash --> script.secure You can execute script.secure only if you know the password. If you die, your script dies with you. If you modify the startup line, be careful with the offset calculation of the crypted block (the XX string). Not difficult to make script editable (an offset-dd piped to a gpg -d piped to a vim - piped to a gpg -c directed to script.new ), but not enough space to do it on a one liner. Show Sample Output


    5
    echo "eval \"\$(dd if=\$0 bs=1 skip=XX 2>/dev/null|gpg -d 2>/dev/null)\"; exit" > script.secure; sed -i s:XX:$(stat -c%s script.secure): script.secure; gpg -c < script.bash >> script.secure; chmod +x script.secure
    rodolfoap · 2013-03-09 11:16:48 5
  • -B flag = don't include characters that can be confused for other characters (this helps when you give someone their password for the first time so they don't cause a lockout with, for example, denyhosts or fail2ban) -s flag = make a "secure", or hard-to-crack password -y flag = include special characters (not used in the example because so many people hate it -- however I recommend it) "1 10" = output 1 password, make it 10 characters in length For even more secure passwords please use the -y flag to include special characters like so: pwgen -Bsy 10 1 output>> }&^Y?.>7Wu Show Sample Output


    15
    pwgen -Bs 10 1
    linuxrawkstar · 2009-12-01 14:33:51 1
  • These are my favourite switches on pwgen: -B Don't include ambiguous characters in the password -n Include at least one number in the password -y Include at least one special symbol in the password -c Include at least one capital letter in the password It just works! Add a number to set password length, add another to set how many password to output. Example: pwgen -Bnyc 12 20 this will output 20 password of 12 chars length. Show Sample Output


    5
    pwgen -Bnyc
    KoRoVaMiLK · 2012-03-15 14:38:15 1

What Others Think

keepassx will generate passwords, and also store them securely. It is a nice program and worth checking out.
dstahlke · 449 weeks and 5 days ago
pwgen is another good tool. Allows you customize the type and number of passwords you want to be generated.
chrisa · 402 weeks and 6 days ago
I was just wondering, what is the program that has this command for use sitepass. I looked around but couldn't really find it, I'm running Snow Leopard so hopefully I can compile it from scratch. Would be greatly appreciated.
unixmonkey94271 · 80 weeks and 3 days ago
its a function. you create a function / command in bash by using that syntax. e.g. this_is_a_user_defined_command() {echo foo; }
syssyphus · 80 weeks and 2 days ago
Oh snap! are you saying that these are just a bunch of GNU utilities commands?
unixmonkey94271 · 80 weeks and 1 day ago

What do you think?

Any thoughts on this command? Does it work on your machine? Can you do the same thing with only 14 characters?

You must be signed in to comment.

What's this?

commandlinefu.com is the place to record those command-line gems that you return to again and again. That way others can gain from your CLI wisdom and you from theirs too. All commands can be commented on, discussed and voted up or down.

Share Your Commands



Stay in the loop…

Follow the Tweets.

Every new command is wrapped in a tweet and posted to Twitter. Following the stream is a great way of staying abreast of the latest commands. For the more discerning, there are Twitter accounts for commands that get a minimum of 3 and 10 votes - that way only the great commands get tweeted.

» http://twitter.com/commandlinefu
» http://twitter.com/commandlinefu3
» http://twitter.com/commandlinefu10

Subscribe to the feeds.

Use your favourite RSS aggregator to stay in touch with the latest commands. There are feeds mirroring the 3 Twitter streams as well as for virtually every other subset (users, tags, functions,…):

Subscribe to the feed for: