Generating Secure Passwords in Linux

LockHere’s a bunch of different ways you can generate secure passwords in Linux using the command line:

OpenSSL

We can use openssl to generate cryptographically secure passwords:

openssl rand -base64 16

The above command will display a 16 byte random number encoded as a base64 string.

You can also display it as hex:

openssl rand -hex 16

There’s a handy python script from the electrum bitcoin project that will convert the hexadecimal number into a human friendly passphrase:

python mnemonic.py `openssl rand -hex 16`

PWGen

This is a utility designed to generate “pronounceable passwords” but it can also generate secure ones:

pwgen -sy 16 1

The above command will generate 1 secure password of 16 characters that will include at least one symbol.

Copying to the clipboard

If you are running a GUI you will want to copy the generated passwords to the clipboard. You can do that with the xclip utility. An example:

openssl rand -base64 16 | tr -d "\n" | xclip -selection c

tr is used to remove the new line that openssl outputs after the password.

Assigning a shortcut key or alias

It makes sense to assign a shortcut key to these commands. For example in KDE you can go to ‘configure desktop’ > ‘shortcuts and gestures’ to create a keyboard shortcut.

A bash alias would look like this:

alias passgen='pwgen -sy 16 1 | tr -d "\n" | xclip -selection c'

Depending on your distro you place it in .bashrc, .bash_aliases or .alias.

Leave a Reply

Your email address will not be published.