user@machine:~$ strings /dev/urandom | grep -o '[[:alnum:]]' | head -n 30 | tr -d '\n'; echo XhJjKL07KNZSDDpwdPm9rACnW3FR0w
-B flag = don't include characters that can be confused for other characters (this helps when you give someone their password for the first time so they don't cause a lockout with, for example, denyhosts or fail2ban)
-s flag = make a "secure", or hard-to-crack password
-y flag = include special characters (not used in the example because so many people hate it -- however I recommend it)
"1 10" = output 1 password, make it 10 characters in length
For even more secure passwords please use the -y flag to include special characters like so:
pwgen -Bsy 10 1
output>> }&^Y?.>7Wu
Show Sample Output
According to the gpg(1) manual:
--gen-random 0|1|2 count
Emit count random bytes of the given quality level 0, 1 or 2. If count is not given or zero, an endless sequence of random bytes will be emitted. If used with --armor the output will be base64 encoded. PLEASE, don't use this command unless you know what you are doing; it may remove precious entropy from the system!
If your entropy pool is critical for various operations on your system, then using this command is not recommended to generate a secure password. With that said, regenerating entropy is as simple as:
du -s /
This is a quick way to generate a strong, base64 encoded, secure password of arbitrary length, using your entropy pool (example above shows a 30-character long password).
Show Sample Output
If you want a password length longer than 6, changing the -c6 to read -c8 will give you 8 random characters instead of 6. To end up with a line-feed, use this with echo: # echo `< /dev/urandom tr -dc _A-Z-a-z-0-9 | head -c6` Modern systems need higher strenght, so add some special characters: # < /dev/urandom tr -dc '12345!@#$%qwertQWERTasdfgASDFGzxcvbZXCVB' | head -c8
The pwgen program generates passwords which are designed to be easily memorized by humans, while being as secure as possible. Human-memorable passwords are never going to be as secure as completely completely random passwords. [from pwgen man page] Show Sample Output
Any thoughts on this command? Does it work on your machine? Can you do the same thing with only 14 characters?
You must be signed in to comment.
commandlinefu.com is the place to record those command-line gems that you return to again and again. That way others can gain from your CLI wisdom and you from theirs too. All commands can be commented on, discussed and voted up or down.
Every new command is wrapped in a tweet and posted to Twitter. Following the stream is a great way of staying abreast of the latest commands. For the more discerning, there are Twitter accounts for commands that get a minimum of 3 and 10 votes - that way only the great commands get tweeted.
» http://twitter.com/commandlinefu
» http://twitter.com/commandlinefu3
» http://twitter.com/commandlinefu10
Use your favourite RSS aggregator to stay in touch with the latest commands. There are feeds mirroring the 3 Twitter streams as well as for virtually every other subset (users, tags, functions,…):
Subscribe to the feed for:
strings /dev/urandom | grep -o '[[:graph:]]' | grep '[^0O1l]' | head -n 20 | tr -d '\n'; echo
cat /dev/urandom | tr -cd 0-9a-zA-Z | head -c 30
it's short and comes handy in scripts, e.g. asigning random names for loops etc.