| lh | 9ed821d | 2023-04-07 01:36:19 -0700 | [diff] [blame^] | 1 | =pod |
| 2 | |
| 3 | =head1 NAME |
| 4 | |
| 5 | openssl-passwd, |
| 6 | passwd - compute password hashes |
| 7 | |
| 8 | =head1 SYNOPSIS |
| 9 | |
| 10 | B<openssl passwd> |
| 11 | [B<-help>] |
| 12 | [B<-crypt>] |
| 13 | [B<-1>] |
| 14 | [B<-apr1>] |
| 15 | [B<-aixmd5>] |
| 16 | [B<-5>] |
| 17 | [B<-6>] |
| 18 | [B<-salt> I<string>] |
| 19 | [B<-in> I<file>] |
| 20 | [B<-stdin>] |
| 21 | [B<-noverify>] |
| 22 | [B<-quiet>] |
| 23 | [B<-table>] |
| 24 | [B<-rand file...>] |
| 25 | [B<-writerand file>] |
| 26 | {I<password>} |
| 27 | |
| 28 | =head1 DESCRIPTION |
| 29 | |
| 30 | The B<passwd> command computes the hash of a password typed at |
| 31 | run-time or the hash of each password in a list. The password list is |
| 32 | taken from the named file for option B<-in file>, from stdin for |
| 33 | option B<-stdin>, or from the command line, or from the terminal otherwise. |
| 34 | |
| 35 | =head1 OPTIONS |
| 36 | |
| 37 | =over 4 |
| 38 | |
| 39 | =item B<-help> |
| 40 | |
| 41 | Print out a usage message. |
| 42 | |
| 43 | =item B<-crypt> |
| 44 | |
| 45 | Use the B<crypt> algorithm (default). |
| 46 | |
| 47 | =item B<-1> |
| 48 | |
| 49 | Use the MD5 based BSD password algorithm B<1>. |
| 50 | |
| 51 | =item B<-apr1> |
| 52 | |
| 53 | Use the B<apr1> algorithm (Apache variant of the BSD algorithm). |
| 54 | |
| 55 | =item B<-aixmd5> |
| 56 | |
| 57 | Use the B<AIX MD5> algorithm (AIX variant of the BSD algorithm). |
| 58 | |
| 59 | =item B<-5> |
| 60 | |
| 61 | =item B<-6> |
| 62 | |
| 63 | Use the B<SHA256> / B<SHA512> based algorithms defined by Ulrich Drepper. |
| 64 | See L<https://www.akkadia.org/drepper/SHA-crypt.txt>. |
| 65 | |
| 66 | =item B<-salt> I<string> |
| 67 | |
| 68 | Use the specified salt. |
| 69 | When reading a password from the terminal, this implies B<-noverify>. |
| 70 | |
| 71 | =item B<-in> I<file> |
| 72 | |
| 73 | Read passwords from I<file>. |
| 74 | |
| 75 | =item B<-stdin> |
| 76 | |
| 77 | Read passwords from B<stdin>. |
| 78 | |
| 79 | =item B<-noverify> |
| 80 | |
| 81 | Don't verify when reading a password from the terminal. |
| 82 | |
| 83 | =item B<-quiet> |
| 84 | |
| 85 | Don't output warnings when passwords given at the command line are truncated. |
| 86 | |
| 87 | =item B<-table> |
| 88 | |
| 89 | In the output list, prepend the cleartext password and a TAB character |
| 90 | to each password hash. |
| 91 | |
| 92 | =item B<-rand file...> |
| 93 | |
| 94 | A file or files containing random data used to seed the random number |
| 95 | generator. |
| 96 | Multiple files can be specified separated by an OS-dependent character. |
| 97 | The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for |
| 98 | all others. |
| 99 | |
| 100 | =item [B<-writerand file>] |
| 101 | |
| 102 | Writes random data to the specified I<file> upon exit. |
| 103 | This can be used with a subsequent B<-rand> flag. |
| 104 | |
| 105 | =back |
| 106 | |
| 107 | =head1 EXAMPLES |
| 108 | |
| 109 | % openssl passwd -crypt -salt xx password |
| 110 | xxj31ZMTZzkVA |
| 111 | |
| 112 | % openssl passwd -1 -salt xxxxxxxx password |
| 113 | $1$xxxxxxxx$UYCIxa628.9qXjpQCjM4a. |
| 114 | |
| 115 | % openssl passwd -apr1 -salt xxxxxxxx password |
| 116 | $apr1$xxxxxxxx$dxHfLAsjHkDRmG83UXe8K0 |
| 117 | |
| 118 | % openssl passwd -aixmd5 -salt xxxxxxxx password |
| 119 | xxxxxxxx$8Oaipk/GPKhC64w/YVeFD/ |
| 120 | |
| 121 | =head1 COPYRIGHT |
| 122 | |
| 123 | Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved. |
| 124 | |
| 125 | Licensed under the OpenSSL license (the "License"). You may not use |
| 126 | this file except in compliance with the License. You can obtain a copy |
| 127 | in the file LICENSE in the source distribution or at |
| 128 | L<https://www.openssl.org/source/license.html>. |
| 129 | |
| 130 | =cut |