Created
May 5, 2011 15:59
-
-
Save raykrueger/957311 to your computer and use it in GitHub Desktop.
Generating secure repeatable passwords with OpenSSL
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # see http://www.openssl.org/docs/apps/passwd.html | |
| DOMAIN=$1 | |
| PEPPER=55e730a3 | |
| SALT=`echo ${PEPPER}${DOMAIN} | shasum | cut -c 1-8` | |
| openssl passwd -1 -salt $SALT | cut -d '$' -f 4 |
The previous commit used a fixed salt, I like passing the domain name better.
With version 7f63f1 I switched to combining the domain with a fixed PEPPER value.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Usage example...
$ passgen github.com
Password: bullshit
ayywx5h0ljGsUgyrYOSGn0
The point here is that you can use a simple to remember word or phrase to generate a secure password. Rather than trying to remember (and type) a very complicated one.
The domain name passed is used as the salt for the password. The domain passed is combined with a fixed value, called PEPPER, and then passed to shasum to get a unique, repeatable, salt.