How to generate a random string?
I would like to generate a random string (e.g. passwords, user names, etc.). It should be possible to specify the needed length (e.g. 13 chars).
What tools can I use?
(For security and privacy reasons, it is preferable that strings are generated off-line, as opposed to online on a website.)
22 Answers 22
My favorite way to do it is by using /dev/urandom together with tr to delete unwanted characters. For instance, to get only digits and letters:
If you have some problems with tr complaining about the input, try adding LC_ALL=C like this:
I am using the openssl command, the swiss army knife of cryptography.
To generate a random password you can use pwgen :
pwgen generates random, meaningless but pronounceable passwords. These passwords contain either only lowercase letters, or upper and lower case mixed, or digits thrown in. Uppercase letters and digits are placed in a way that eases remembering their position when memorizing only the word.
Generate 7 passwords of length 13:
As mentioned in the comments, you can avoid reducing entropy by using the -s argument (i.e. generate more secure, completely random but hard to remember passwords):
To generate random user names you can use gpw :
This package generates pronounceable passwords. It uses the statistics of three-letter combinations (trigraphs) taken from whatever dictionaries you feed it.
Generate 7 passwords (user names) of length 13:
Here is how, I do it. It generates 10 characters random string. You can optimize it by replacing the «fold», with other string processing tools.
To generate password with the highest entropy possible with standard Linux tools that are built into every distribution I use:
This outputs all of the ASCII printable characters — from 32 (space) to 126 (tilde,
). The password length can be controlled with the head ‘s -c flag. There are also other possible character sets in tr (to not include the space, just characters 33-126, use [:graph:] ).
Inspired by Pablo Repetto I ended up with this easy to remember solution:
-z avoids multi line output
-r allow any character to appear multiple times
-n20 random string with a length of 20 characters
shuf is part of the linux coreutils and widely available or at least been ported.
Depending on the level of randomness you want, you could simply go with bash’s (also zsh and ksh , possibly others) builtin $RANDOM variable:
The methods reading directly from /dev/urandom are far simpler, but for the sake of completion, you could also use $RANDOM :
Important: this solution will only produce random strings using the first 10 letters of the alphabet. Whether or not that is enough for you depends on what you need this for.
Use xxd command to specify length (via -l) which both works in Linux and OS. https://www.howtoforge.com/linux-xxd-command/
@Brandin explained in a comment to another answer how to get at most 100 bytes from /dev/urandom using head -c 100 . Another way to do this is with dd :
The 2>/dev/null at the end of the dd command is to suppress the «. records in / . records out» output.
I’m not aware of any substantial advantages/disadvantages between these two methods.
I had an issue with both methods of tr complaining about the input. I thought this was because it didn’t like receiving binary input, and hence suggested first filtering /dev/random with iconv -c -t US . However, Gilles suggested a different diagnosis and solution, which works for me:
APG is included by default on some Linux distributions.
To generate passwords from size 5 to 10 in subsets Special, Numeric, Capital and Lower, the command is:
As said by @landroni in comment.
You can use one of md5 tools that has precisely this purpose. In the case of creating a completely random password you can use the md5pass . It is a very simple tool to use and very helpful, since you can use «normal text» together with a «salt» to jump-bit construction of the same password that you can recover afterwards, or alternatively you may want to get a completely random password all the time. The general usage is:
where password is a chosen word that will be used for the construction of the random string and salt is the jump in bytes to be used. Like this:
This will create a «a random sequence» password for you to use. If you use no salt , then you may not be able to recreate this same string afterwards.
However if you use a salt like this:
then you can create a sequence which you can recover if you use the word in conjunction with the same salt (or jump) if it was originally defined.
8 Ways to Generate a Random Password on Linux Shell
Having a strong password when authenticating to a service by username and password is very important. Sometimes, you need to protect your account or server, and try to keep your data safe and secure. It is often said that a strong password must have a minimum of 14 characters with variations like you may have lowercases/uppercases in the characters and alphabets. Mostly the long password is considered to be much more secure than a short one since it is hard to get. In this tutorial, we will see many ways to generate a strong password from Linux command line. We will have a look at many different means to create a stronger password that is secure enough, using the Linux command line. You need to generate a stronger password from the command line so, it has various different methods and utilities that are already available. We will be discussing many of the methods and you may choose any of the ways for generation of a password as per your need.
Generation of a password with OpenSSL
Several methods, exist in Linux to create and generate the passwords for Linux command line. The first one we are trying is by using OpenSSL. Following are the steps that need to be followed for this purpose.
Step 1: First of all, open Terminal by clicking on Ubuntu launcher and search for Terminal.
Step 2: Now click on the Terminal and wait for the terminal to open.
Step 3: Once the terminal is opened, you will have a screen like this:
Step 4:
The command that is used to generate a stronger password includes OpenSSL rand function. This will help us generate 14 random characters in a string. The command is “openssl rand –base64 14”.
Advertisement
The outcome will be a strong password of 14 characters as shown below.
Generation of a password using urandom
The second command which we are using to generate a password has filtered /dev/urandom output with tr. This will allow us to delete all of the unwanted characters and then help us to print the first 14 characters only.
The output of the above command is as follows:
The output has allowed us to print first 14 characters only by deleting all of the unwanted ones.
Generation of a password using pwgen
For using pwgen we need to install this tool at first. This tool will help us generate some random yet meaningless passwords. Although the passwords generated by it are random still are pronounceable. So, we will now install the tool using the following command.
Enter the credentials as asked
The installation will eventually begin. The command line will look just like the screen below.
Once the installation has been done, we will generate a random string having 14 characters in it.
The string we got randomly is this one.
Generation of a password using gpg
Gpg can also be used to generate a strong password of 14 characters. The gpg tool uses the following command to generate the 14 characters.
The outcome of this command is
And in the end, we have a password generated which is.
Generation of a password using SHA
We will use SHA in this method, we can also hash the date. It runs through the base64. As a result, we get an output as the top of the 32 characters.
Here is the outcome containing the 32 characters yet a strong password to keep the system safe.
Generation of a password via an easy way
The generation of a password is quite easy using the command line. Although it is not random still it is useful if we utilize the whole password. The easiest command for this purpose is as follows:
The outcome of the above command is a string as shown below.
And this command is very easy, and simple enough to remember.
Generation of a password using apg
APG is Automatic Password Generator, it is already installed on all Ubuntu systems. It is also an easily used utility. It helps us generate various passwords that are the random input.
In order to generate entire random passwords, we can run apg -a 1, which will give us the passwords with 8-10 random characters. The command we used for this purpose is apg –a 1. We will run and see various passwords generated in the output.
The output has many random passwords.
Generation of a password using makepasswd
“makepasswd” can also be used to generate passwords. For using this utility, we install it at first. We will use the command sudo apt-get install makepasswd.
Enter the required credentials.
On writing the credentials, the installation will begin.
Press Y to continue
Once the utility has been installed, we will write the command which is makepasswd –count NumberOfPasswords –minchars MinLengthOfPassword.
At first, we tell how many passwords we are aiming to generate and what must be the length of each of the password. Here we have asked to generate 4 passwords with length as eight for each of it.
The outcome is shown below. We have a total of 4 passwords with 8 characters in each of them.
The command is responsible for generating a list of random passwords based on the number of passwords we want to generate and the length is also defined by us.
Conclusion
In this tutorial, we have discussed many of the ways to generate the passwords from the command line of Linux. There are many methods that already exist. Few of the utilities are already present in Linux command line, while for those which are not are easily installable using the available commands. In the tutorial, we have discussed the utility openssh, urandom, pwegn, gpg, sha, date, apg, and makepasswd. All of these commands guarantee the generation of a stronger password from Linux command line and are useful for the user to maintain the security of their systems.
Karim Buzdar
About the Author: Karim Buzdar holds a degree in telecommunication engineering and holds several sysadmin certifications. As an IT engineer and technical author, he writes for various web sites. You can reach Karim on LinkedIn