Linux/UNIX:使用mkpasswd/makepasswd/pwgen生成随机密码

时间:2020-01-09 10:38:44  来源:igfitidea点击:

如何生成用于我的Shell脚本的随机密码?
如何在Linux或Unix命令行上创建随机密码?
您可以使用makemakewd或mkpasswd命令在Linux/UNIX等操作系统上生成随机密码。

  • mkpasswd命令是加密功能的前端功能过度。 makepasswd命令使用Linux的/dev/random功能生成真正的随机密码,重点是安全性而不是可发音性。它还可以加密在命令行上给定的纯文本密码。生成新密码的更新版本,可以选择将其应用于用户。
  • makepasswd命令使用/dev/urandom生成真正的随机密码。
  • pwgen命令生成可发音的密码。

安装makepasswd

在shell提示符下执行以下命令,以在Debian/Ubuntu Linux上instamm mkpasswd或makepasswd:

$ sudo apt-get install makepasswd

输出示例:

Reading package lists... Done
Building dependency tree       
Reading state information... Done
The following package was automatically installed and is no longer required:
  nvidia-settings-experimental-310
Use 'apt-get autoremove' to remove them.
The following extra packages will be installed:
  libcrypt-openssl-random-perl
The following NEW packages will be installed:
  libcrypt-openssl-random-perl makepasswd
0 upgraded, 2 newly installed, 0 to remove and 15 not upgraded.
Need to get 23.1 kB of archives.
After this operation, 153 kB of additional disk space will be used.
Do you want to continue [Y/n]? y
Get:1 http://in.archive.ubuntu.com/ubuntu/ precise/main libcrypt-openssl-random-perl amd64 0.04-1build4 [11.2 kB]
Get:2 http://in.archive.ubuntu.com/ubuntu/ precise/universe makepasswd all 1.10-8 [11.8 kB]
Fetched 23.1 kB in 0s (23.6 kB/s)     
Selecting previously unselected package libcrypt-openssl-random-perl.
(Reading database ... 539086 files and directories currently installed.)
Unpacking libcrypt-openssl-random-perl (from .../libcrypt-openssl-random-perl_0.04-1build4_amd64.deb) ...
Selecting previously unselected package makepasswd.
Unpacking makepasswd (from .../makepasswd_1.10-8_all.deb) ...
Processing triggers for man-db ...
Setting up libcrypt-openssl-random-perl (0.04-1build4) ...
Setting up makepasswd (1.10-8) ...

mkpasswd语法

语法为:

makepasswd
makepasswd [options]

例子

只需执行以下命令:

$ makepasswd

输出示例:

m4peQm97s

要生成长度为16个字符的密码,请将16选项传递给--chars选项,如下所示:

$ makepasswd --chars 16

输出示例:

cSYhQ55aNRshmBT5

要产生总共7个密码,而不是默认的1个密码,请执行:

$ makepasswd --chars 16 --count 7

输出示例:

W6Lfrus9m08uAL7j
gdTiP2F4Td94oyWN
qoeezVzHh38m1aYK
HI0R66ExHw558L2N
5I6UH7WdUmX9e3Xg
XRTLM6V8D37JxWz0
qpvu7VaJecwG4qFb

其他命令行选项如下(请参阅makepasswd(1)):

--crypt          Produce encrypted passwords.
--crypt-md5      Produce encrypted passwords using the MD5 digest (hash)
                       algorithm.
--cryptsalt=N    Use crypt() salt N, a positive number

注意:mkpasswd和makepasswd在各种发行版中完全不同。
请参考本地手册页以获取更多信息,以获取准确的语法。

mkpasswd命令语法

在大多数发行版中,默认情况下已安装mkpasswd。
语法如下:

mkpasswd
mkpasswd [options]
mkpasswd [options] [user]

例子

只需执行mkpasswd命令并按[enter]键:

$ mkpasswd

输出示例:

Password: type-Your-Password
/o88/D4SvLix2

要设置密码长度,请执行:

$ mkpasswd -l 12

输出示例:

gk3Jh5s]Riaa

要将密码存储在shell变量中,请执行:

RPASS=$(mkpasswd -l 12)
echo "$RPASS"

上面的shell命令将生成长度为12个字符的新密码。
您可以编写脚本,如下所示:

#!/bin/bash
# ... do something
userPassword=$(mkpasswd -l 32)
# ... do with $userPassword
echo "$userPassword"
# ...

您可以将以下选项传递给mkpasswd命令:

-d #      (min # of digits, default = 2)
    -c #      (min # of lowercase chars, default = 2)
    -C #      (min # of uppercase chars, default = 2)
    -s #      (min # of special chars, default = 1)

下面的示例创建一个24个字符的密码,该密码至少包含3位数字,3个字符和5个大写字符:

$ mkpasswd -l 22 -d 3 -C 5 -s 3

输出示例:

h@fq'h0;w9AkTN6GovszUg

安装pwgen命令

您可以安装并使用pwgen命令来自动生成密码。
要在RHEL/CentOS/Fedora Linux上安装pwgen,请输入yum命令,如下所示:

# yum -y install pwgen

要在Debian/Ubuntu Linux上安装pwgen,请输入apt-get命令,如下所示:

$ sudo apt-get install pwgen

pwgen命令语法和示例

语法为:

pwgen
pwgen -N 1
pwgen [options]

执行以下命令以按列打印密码:

$ pwgen
Yu9Ra3la Ahg6ziaX Fei6aigu Ud1aef3u thohf1Ie Uudiosh1 ait2yahG See7eev4
zae7eiCh eiZei4ai yae8iQua Che4If3l Opho6aid aep0uS9g aev7eNof eeXai3co
mooc6aiP eeFeof4g ei0Ne8ij Xah1quei aeh9rahM aRiR4air aQu0wuP2 Muadoo8A
ye9choXe Weefuu2c aichei2H Aquoh4ir Ienahma9 vu9IYaiy roze2OoG eiHai4fo

要生成一个密码而不是按列打印的筛选式密码:

$ pwgen -N 1

输出示例:

ooQue4ce

以下示例生成一个长度为20个字符的密码:

$ pwgen 20 1

输出示例:

Aij2aeT2ob5yeyoonaer

pwgen命令支持的选项:

-c or --capitalize
	Include at least one capital letter in the password
  -A or --no-capitalize
	Don't include capital letters in the password
  -n or --numerals
	Include at least one number in the password
  -0 or --no-numerals
	Don't include numbers in the password
  -y or --symbols
	Include at least one special symbol in the password
  -s or --secure
	Generate completely random passwords
  -B or --ambiguous
	Don't include ambiguous characters in the password
  -h or --help
	Print a help message
  -H or --sha1=path/to/file[#seed]
	Use sha1 hash of given file as a (not so) random generator
  -C
	Print the generated passwords in columns
  -1
	Don't print the generated passwords in columns
  -v or --no-vowels
	Do not use any vowels so as to avoid accidental nasty words