4 Ways to Generate a Strong Pre-Shared Key (PSK) in Linux

A Pre-Shared Key (PSK) or also known as a shared secret is a string of characters that is used as an authentication key in cryptographic processes. A PSK is shared before being used and is held by both parties to the communication to authenticate each other, usually before other authentication methods such as usernames and passwords are applied.

It is commonly used in different types of Virtual Private Network (VPN) connections, wireless networks in a type of encryption known as WPA-PSK (Wi-Fi Protected Access Pre-Shared Key) and WPA2-PSK, and also in the EAP (Extensible Authentication Protocol Pre-Shared Key), and many others authentication mechanisms.

In this article, we will show you different ways to generate a strong Pre-Shared Key in Linux distributions.

1. Using OpenSSL Command

OpenSSL is a well-known and widely-used command-line tool used to invoke the various cryptography functions of OpenSSL’s crypto library from the shell. To generate a strong PSK use its rand sub-command which generates pseudo-random bytes and filter it through base64 encodings as shown.

$ openssl rand -base64 32
$ openssl rand -base64 64
Generate PSK Key Using OpenSSL Command

Generate PSK Key Using OpenSSL Command

2. Using GPG Command

GPG is a command-line tool to provide digital encryption and signing services using the OpenPGP standard. You can use its --gen-random option to generate a strong PSK and filter it through base64 encoding as shown.

In the following commands, 1 or 2 is the quality level and 10, 20, 40, and 70 are the character counts.

$ gpg --gen-random 1 10 | base64
$ gpg --gen-random 2 20 | base64
$ gpg --gen-random 1 40 | base64
$ gpg --gen-random 2 70 | base64
Generate PSK Key Using GPG Command

Generate PSK Key Using GPG Command

3. Using Pseudorandom Number Generators

You can also use any of the pseudorandom number generators in Linux such as /dev/random or /dev/urandom, as follows. The -c option of the head command helps to generate the number of characters.

$ head -c 35 /dev/random | base64
$ head -c 60 /dev/random | base64
Generate PSK Using Pseudorandom Number Generators

Generate PSK Using Pseudorandom Number Generators

4. Using date and sha245sum Commands

The date and sha256sum command can be combined to create a strong PSK as follows.

$ date | sha256sum | base64 | head -c 45; echo
$ date | sha256sum | base64 | head -c 50; echo
$ date | sha256sum | base64 | head -c 60; echo
Generate PSK Using date Command

Generate PSK Using date Command

The above are some of the many ways of generating strong Pre-Shared Key in Linux. Do you know of any other methods? If yes, share it with us via the feedback form below.

If You Appreciate What We Do Here On TecMint, You Should Consider:

TecMint is the fastest growing and most trusted community site for any kind of Linux Articles, Guides and Books on the web. Millions of people visit TecMint! to search or browse the thousands of published articles available FREELY to all.

If you like what you are reading, please consider buying us a coffee ( or 2 ) as a token of appreciation.

Support Us

We are thankful for your never ending support.

Aaron Kili

Aaron Kili is a Linux and F.O.S.S enthusiast, an upcoming Linux SysAdmin, web developer, and currently a content creator for TecMint who loves working with computers and strongly believes in sharing knowledge.

Your name can also be listed here. Got a tip? Submit it here to become an TecMint author.

RedHat RHCE and RHCSA Certification Book
Linux Foundation LFCS and LFCE Certification Preparation Guide

You may also like...

Got something to say? Join the discussion.

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.