How to Generate/Encrypt/Decrypt Random Passwords in Linux

We have taken initiative to produce Linux tips and tricks series. If you’ve missed the last article of this series, you may like to visit the link below.

  1. 5 Interesting Command Line Tips and Tricks in Linux

In this article, we will share some interesting Linux tips and tricks to generate random passwords and also how to encrypt and decrypt passwords with or without slat method.

Security is one of the major concern of digital age. We put on password to computers, email, cloud, phone, documents and what not. We all know the basic to choose the password that is easy to remember and hard to guess. What about some sort of machine based password generation automatically? Believe me Linux is very good at this.

1. Generate a random unique password of length equal to 10 characters using command ‘pwgen‘. If you have not installed pwgen yet, use Apt or YUM to get.

$ pwgen 10 1

Generate Random Unique Password in Linux

Generate several random unique passwords of character length 50 in one go!

$ pwgen 50

Generate Multiple Random Passwords

2. You may use ‘makepasswd‘ to generate random, unique password of given length as per choice. Before you can fire makepasswd command, make sure you have installed it. If not! Try installing the package ‘makepasswd’ using Apt or YUM.

Generate a random password of character length 10. Default Value is 10.

$ makepasswd 

makepasswd Generate Unique Password

Generate a random password of character length 50.

$ makepasswd  --char 50

Random Password Generate

Generate 7 random password of 20 characters.

$ makepasswd --char 20 --count 7

Generate 20 Character Password

3. Encrypt a password using crypt along with salt. Provide salt manually as well as automatically.

For those who may not be aware of salt,

Salt is a random data which servers as an additional input to one way function in order to protect password against dictionary attack.

Make sure you have installed mkpasswd installed before proceeding.

The below command will encrypt the password with salt. The salt value is taken randomly and automatically. Hence every time you run the below command it will generate different output because it is accepting random value for salt every-time.

$ mkpasswd tecmint

Encrypt Password in Linux Using mkpasswd

Now lets define the salt. It will output the same result every-time. Note you can input anything of your choice as salt.

$ mkpasswd tecmint -s tt

Encrypt Password Using Salt

Moreover, mkpasswd is interactive and if you don’t provide password along with the command, it will ask password interactively.

4. Encrypt a string say “Tecmint-is-a-Linux-Community” using aes-256-cbc encryption using password say “tecmint” and salt.

# echo Tecmint-is-a-Linux-Community | openssl enc -aes-256-cbc -a -salt -pass pass:tecmint

Encrypt A String in Linux

Here in the above example the output of echo command is pipelined with openssl command that pass the input to be encrypted using Encoding with Cipher (enc) that uses aes-256-cbc encryption algorithm and finally with salt it is encrypted using password (tecmint).

5. Decrypt the above string using openssl command using the -aes-256-cbc decryption.

# echo U2FsdGVkX18Zgoc+dfAdpIK58JbcEYFdJBPMINU91DKPeVVrU2k9oXWsgpvpdO/Z | openssl enc -aes-256-cbc -a -d -salt -pass pass:tecmint

Decrypt String in Linux

That’s all for now. If you know any such tips and tricks you may send us your tips at [email protected], your tip will be published under your name and also we will include it in our future article.

Keep connected. Keep Connecting. Stay Tuned. Don’t forget to provide us with your valuable feedback in the comments below.

Best Affordable Linux and WordPress Services For Your Business
Outsource Your Linux and WordPress Project and Get it Promptly Completed Remotely and Delivered Online.

If You Appreciate What We Do Here On TecMint, You Should Consider:

  1. Stay Connected to: Twitter | Facebook | Google Plus
  2. Subscribe to our email updates: Sign Up Now
  3. Get your own self-hosted blog with a Free Domain at ($3.45/month).
  4. Become a Supporter - Make a contribution via PayPal
  5. Support us by purchasing our premium books in PDF format.
  6. Support us by taking our online Linux courses

We are thankful for your never ending support.

RedHat RHCE and RHCSA Certification Book
Linux Foundation LFCS and LFCE Certification Preparation Guide

You may also like...

18 Responses

  1. gregory says:

    Hello,

    What about the command: “openssl rand”. Is it good enough to be a part of this article?

  2. Ravindra says:

    You are Boss…Linux ka Maha-Guru

  3. Mahendra says:

    Great site of linux I have ever seen

  4. Noob says:

    Interesting! Great article, thank you!

    Tecmint is a great web site. Always helpful.

  5. aaa says:

    $ echo $RANDOM | md5sum | cut -c 1-8

    • Avishek Kumar says:

      Thanks aaa. We will include your tips in our “Linux Tips and tricks article” (& will elaborate it there).
      Keep connected and keep commenting.

      • Stef says:

        Be aware that the value returned by $RANDOM is between 0 and 32767 so this method is not very secure. You should add a seed. Also, the output contains only 8 hexadecimal numbers and so should be easy to crack by brute force.

        echo FooBar$RANDOM | md5sum | base64 | cut -c 1-8

        Another alternative is to generate random bytes using /dev/urandom (or even better using /dev/random but that one can be very slow) and to convert them to characters using base64

        cat /dev/urandom | base64 | head -n 1 | cut -c 1-8

        • Stef says:

          As a second though, applying base64 to the output of md5sum, so an hexadecimal number, is even worse because that seriously limits the possibilities.

          Here a small bash command that shows the probability of finding a character at each rank 1-8. This is of course cyclic since base64 encodes 3 input bytes in 4 characters.

          # for ((j=1;j<=8;j++)) ; do echo === $j ; for ((i=0;i<1000;i++)) ; do echo $RANDOM | md5sum | base64 | cut -c $j ; done | sort | uniq -c ; done

  6. Plazma says:

    Which app do you use for animated command line?

    • Avishek Kumar says:

      Dear Plazma,
      I am sorry, but it is a project developed by us and we have not named it yet. At this point we have not even concluded to publish the software under any particular Licence.

      Keep connected!

  7. Carl says:

    Hi Avishek,

    Could you tell me how you make that animated gif captures, please?. It is very nice.

    Thanks

    • Avishek Kumar says:

      Dear Carl,
      I am sorry, but it is a project developed by us and we have not named it yet. At this point we have not even concluded to publish the software under any particular Licence.

      Keep connected!

  8. Adrián Rodriguez says:

    Hi Avishek, I try your examples but I’m stuck with the example of “mkpasswd” I tried to install using apt-get but doesn’t found the package I searched with apt-cache search and found something, but results that is other program “mkpasswd.pl” which doesn’t have the ability to use the “Salt”, Could you please tell me how to install this tool.

    Thanks in advance

Leave a Reply to Carl Cancel reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.