Sometimes it's a waste of time and effort to set up a secure password that complies with the complexity of the password. More importantly, it's often a tangle when setting the password. Finally, one day I couldn't help it, so I learned and sorted out how to use Linux to make commands randomly to generate commands that are safe and compliant with password complexity.

As the saying goes, "If you want to do good, you must first use your tools." If you can use a digger, why do you use a hoe? Recently, I have been reflecting on myself: I used to solve problems in primitive and old ways. They are not good at using some tools to solve problems quickly and conveniently.

 

1:mkpaswd command

 

mkpasswd is a password generation tool that comes with Linux. It can be said to be very safe and reliable (if you are worried about some online random password generation tools, you will collect and record the passwords you generate). The reason why I like this tool very much is that it can set the complexity of generating passwords. In addition, it can not only randomly generate passwords for you, but also directly help you modify the relevant account passwords. If you can't find this command, then maybe you haven't installed expect package.

 

Mode 1: yum installation mode.

yum -y install expect

 

 

Mode 2: rpm installation mode.

[root@DB-Server Server]# ls *expect*

expect-5.43.0-5.1.i386.rpm  expect-5.43.0-5.1.x86_64.rpm  expect-devel-5.43.0-5.1.i386.rpm  expect-devel-5.43.0-5.1.x86_64.rpm  expectk-5.43.0-5.1.x86_64.rpm  pexpect-2.3-3.el5.noarch.rpm

[root@DB-Server Server]# rpm -ivh expect-5.43.0-5.1.x86_64.rpm

warning: expect-5.43.0-5.1.x86_64.rpm: Header V3 DSA signature: NOKEY, key ID 37017186

Preparing...                ########################################### [100%]

   1:expect                 ########################################### [100%]

 

Some parameters of the mkpasswd command are as follows:

parameter	Functional description
-l	Define the length of the generated password, default 9
-d	Define the minimum number of numbers in a password, default 2
-c	Define the minimum number of lowercase letters in a password, default 2
-C	Define the minimum number of uppercase letters in a password, default 2
-s	Define the minimum number of passwords containing special characters, default 1
-p	Specify another password generator, default is / etc/yppasswd

[root@DB-Server Server]# mkpasswd -l 14 -d 2 -C 2 -s 2 -v kerry

spawn passwd kerry

passwd: Unknown user name 'kerry'.

password for kerry is 1S[(qillErt8xf

[root@DB-Server Server]# mkpasswd -l 14 -d 2 -C 2 -s 2 -v test

spawn passwd test

passwd: Unknown user name 'test'.

password for test is 1ar1t$-qwIHcrb

[root@DB-Server Server]# mkpasswd -l 14 -d 2 -C 2 -s 2 -v oracle

spawn passwd oracle

Changing password for user oracle.

New UNIX password: 

Retype new UNIX password: 

passwd: all authentication tokens updated successfully.

password for oracle is 24_vFkxqsol^pR

[root@DB-Server Server]# 

[root@DB-Server Server]# mkpasswd -l 14 -d 2 -C 2 -s 2  oracle

i&jijfgB92*fDa

[root@DB-Server Server]# 

 

2: apg command

 

APG is an open source free password random generator. The official website is http://www.adel.nursat.kz/apg./

Installation mode:

 

1:apt-get mode under Ubuntu:

sudo apt-get install apg

 

2: Using RPM:

[root@DB-Server tmp]# rpm -ivh apg-2.2.3-3.el5.rf.i386.rpm 

warning: apg-2.2.3-3.el5.rf.i386.rpm: Header V3 DSA signature: NOKEY, key ID 6b8d79e6

Preparing...                ########################################### [100%]

   1:apg                    ########################################### [100%]

[root@DB-Server tmp]# 

 

Some parameters of the apg command are as follows:

parameter	Functional description
-M	Patterns for generating passwords
-E	Exclusion strings in password generation
-r	apply dictionary check against file
-b
-p	paranoid modifier for bloom filter check
-a	1: Random password generation mode. 0: Pronounced password generation
-n	Include numbers, but not every password?
-N	Every password must contain numbers
-m	The minimum length of the generated password, which defaults to 8, may exceed the actual length of the generated random password.
-x	Maximum length of generated password.
-s	It contains special characters, but not necessarily every one.
-S	Every password must have special characters
-c	Contains capital letters.
-C	Every password must contain lowercase letters
-d	In the generated password without any partitioner, the default 6 passwords linked into a long string
-l	spell for generating passwords
-t	Pronunciation of pronounciable characters in output passwords
-y	Output Encrypted Password
-q	Silent mode, no alarm information output
-h	Output help information
-v	Version information.

[root@DB-Server ~]# 

[root@DB-Server ~]# apg -M SNCL -m 8  -x 12  

Cupif6Swib?

Kij/OvMuk7

cyn=OtDuIf1

eic3Enn>

newCod"Rab4

{Flipnayt0

[root@DB-Server ~]# apg -M SNCL -m 8  -x 12  -t

dujghitt6Ob` (duj-ghitt-SIX-Ob-GRAVE)

RewgEmEc7Ow~ (Rewg-Em-Ec-SEVEN-Ow-TILDE)

Oc%Knegg1 (Oc-PERCENT_SIGN-Knegg-ONE)

loon5Quem+ (loon-FIVE-Quem-PLUS_SIGN)

El5Bleb{ (El-FIVE-Bleb-LEFT_BRACE)

Te4qued( (Te-FOUR-qued-LEFT_PARENTHESIS)

 

3: pwgen

 

The passwords generated by pwgen are easy to remember and safe. The download address of pwgen is https://sourceforge.net/projects/pwgen-win/files/PWGen/2.9.0./

apt-get install pwgen

Some parameters of the pwgen command are as follows:

parameter	Functional description
-c	The password contains at least one capital letter.
-A	The password does not contain capital letters
-n	The password contains at least one number.
-0	Password does not contain numbers
-y	The password contains at least one special character.
-s	Generate secure random passwords
-B	Passwords do not contain confusing characters, such as "1" and "I"
-h	View Help Information
-H	Use specified file sha1 hash generation, not random generation
-C	Random passwords generated by column printing
-1	Output a password per line, do not print by column to generate a password
-v	Passwords do not include vowel letters or numbers that may be mistaken for vowel letters

 

root@DB-Server:~# pwgen -h

Usage: pwgen [ OPTIONS ] [ pw_length ] [ num_pw ]

Options supported by pwgen:

  -c or --capitalize

        Include at least one capital letter in the password

  -A or --no-capitalize

        Don't include capital letters in the password

  -n or --numerals

        Include at least one number in the password

  -0 or --no-numerals

        Don't include numbers in the password

  -y or --symbols

        Include at least one special symbol in the password

  -s or --secure

        Generate completely random passwords

  -B or --ambiguous

        Don't include ambiguous characters in the password

  -h or --help

        Print a help message

  -H or --sha1=path/to/file[#seed]

        Use sha1 hash of given file as a (not so) random generator

  -C

        Print the generated passwords in columns

  -1

        Don't print the generated passwords in columns

  -v or --no-vowels

        Do not use any vowels so as to avoid accidental nasty words

root@DB-Server:~# pwgen -C

Xu3aiQuu choo2Aij ohCh3eip ou8ofeeL aYai5thi iet3eeNe ieth1Dei Mairah0o

gad9ooTh faBohZ6e ooJee3Oo Thiec4ah ahb1Iedi Sah7ahth Kainee4o beew7EeW

EedoHa1B eom3Aiph daigee2I AoG4Gei8 Siejoo9o Eemahk6a erur1Aim ohbu6Thi

ae0Ohbai Ehai9go0 ni0iYe4k Ais0eedo Ki3Aiku4 cue7AeXi Ao3lae5o oot2ahTh

yiev2Lei iNgeeth5 aeBi1sai quahh0Ei wei3aeP5 Bohng8ae Eecuor5i kie1eiTh

hiepa7Th uchaiTh5 eiX5Echi reiR4ele RaWaic5l Ahk6fae1 eiD5aen2 saep4Voh

irea6Quo Iakoh7pi eiPhoo1o pie9NeiR aj2Thied Mi3shugh oingi8Oo Vohthoo3

eph6Eed1 Ibooc3ux wo5TaPha Ceigh8aH eeX7ae6r aeB1phoo zohquo9H ahPhaig5

daenu0Ue qui2Feph queT5wo7 fooquo1M Vei4ceej Nie3nae2 IpahLa7e Ku6ahbuf

Oong2ye8 eiJ2haej ohChie4i oowah4Oz utaiM8Sh hah3Oong ieQu1pai aewai8Mi

waip3Aiz Hi0se4ai boon0AZi iR0eicee theeTh5n aeFo4air Tah7teef Aogh3Quo

Iya6eigo ie9Heegh aeyoh9Bo eiXoos4z YeZ7obai doosei4W sapeeBe8 ood1CahC

ie5ohF1s Goonoob2 aiy9Wu7W Oeh3sa5v EiTh9vai iyahs1Fu she5Oogi kohsha7E

Deeleit4 eibie0Th ou4Deihi Pai0oluk Vae6baih Doocee5e ahD2iex3 eil9aiRu

zeiNou0C uu4baiRi ahx2Eew2 Ashai0Ee Yae0aita paph4Air Ich4nei4 Mooph1Ch

eZ0AiTha Hoo8gaeh aiTha3Ga Quaif7ei Iel9oafu Cai0iD2u EeCuL0qu oochae0A

vuk1She4 Bai3Ohte aiChah9v Mohz7iYo zaeyoo8J xah4ohHi ohZ1ohw6 Eed0aeKo

tooQu3ar eiH8rata wiech2UB noMooch6 ahv8Boo3 zea2Gei4 oaM4Eile Cier9ieV

baeReef9 Iom2the0 Foe3ieza zaiNgat4 do1Bah7R ATuyom2u EeQu1lie chaeXo2j

eiza0Aed Leimuol0 eid5yu5C ahp4ahTu OobieSh2 Av8Iaxoh yeid0Eej gooR1aeY

root@DB-Server:~# pwgen -1

au9ni2Fa

Generate a password of 10 lengths containing size letters, numbers, and special characters:

root@DB-Server:~# pwgen -1cny 10

The9ciep#a

 

Generate 12 passwords that are 10 in length and contain at least one special character, number, and capital letter

root@DB-Server:~# pwgen -cy -1 -n 10 12

cahw]ie7uG

nie1OoKo-u

Anguu4Iu!N

hie%m2ojeH

be7Wo{w:ah

Ee^quaif2u

lo{Ngia1ce

AeToh"D7Ah

ieS5Cho=ch

Lu4seey<aB

Si>oR.aiH6

eo;l6Fie1m

 

Of course, there are other password generation tools, such as makepasswd, passwordmaker-cli. Individuals feel that the mastery of tools is not much, skilled mastery of one or two tools can be. There are articles on the Internet. Ten Methods of Generating Random Password with Linux Command Line There are many tools and methods to generate passwords, but some commands and methods are very impractical.

 

Reference material:

http://www.geekfan.net/7064/

http://www.makeuseof.com/tag/5-ways-generate-secure-passwords-linux/