passwd.pod 2.8 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132
  1. =pod
  2. =head1 NAME
  3. openssl-passwd,
  4. passwd - compute password hashes
  5. =head1 SYNOPSIS
  6. B<openssl passwd>
  7. [B<-help>]
  8. [B<-crypt>]
  9. [B<-1>]
  10. [B<-apr1>]
  11. [B<-aixmd5>]
  12. [B<-5>]
  13. [B<-6>]
  14. [B<-salt> I<string>]
  15. [B<-in> I<file>]
  16. [B<-stdin>]
  17. [B<-noverify>]
  18. [B<-quiet>]
  19. [B<-table>]
  20. [B<-rand file...>]
  21. [B<-writerand file>]
  22. {I<password>}
  23. =head1 DESCRIPTION
  24. The B<passwd> command computes the hash of a password typed at
  25. run-time or the hash of each password in a list. The password list is
  26. taken from the named file for option B<-in file>, from stdin for
  27. option B<-stdin>, or from the command line, or from the terminal otherwise.
  28. The Unix standard algorithm B<crypt> and the MD5-based BSD password
  29. algorithm B<1>, its Apache variant B<apr1>, and its AIX variant are available.
  30. =head1 OPTIONS
  31. =over 4
  32. =item B<-help>
  33. Print out a usage message.
  34. =item B<-crypt>
  35. Use the B<crypt> algorithm (default).
  36. =item B<-1>
  37. Use the MD5 based BSD password algorithm B<1>.
  38. =item B<-apr1>
  39. Use the B<apr1> algorithm (Apache variant of the BSD algorithm).
  40. =item B<-aixmd5>
  41. Use the B<AIX MD5> algorithm (AIX variant of the BSD algorithm).
  42. =item B<-5>
  43. =item B<-6>
  44. Use the B<SHA256> / B<SHA512> based algorithms defined by Ulrich Drepper.
  45. See L<https://www.akkadia.org/drepper/SHA-crypt.txt>.
  46. =item B<-salt> I<string>
  47. Use the specified salt.
  48. When reading a password from the terminal, this implies B<-noverify>.
  49. =item B<-in> I<file>
  50. Read passwords from I<file>.
  51. =item B<-stdin>
  52. Read passwords from B<stdin>.
  53. =item B<-noverify>
  54. Don't verify when reading a password from the terminal.
  55. =item B<-quiet>
  56. Don't output warnings when passwords given at the command line are truncated.
  57. =item B<-table>
  58. In the output list, prepend the cleartext password and a TAB character
  59. to each password hash.
  60. =item B<-rand file...>
  61. A file or files containing random data used to seed the random number
  62. generator.
  63. Multiple files can be specified separated by an OS-dependent character.
  64. The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for
  65. all others.
  66. =item [B<-writerand file>]
  67. Writes random data to the specified I<file> upon exit.
  68. This can be used with a subsequent B<-rand> flag.
  69. =back
  70. =head1 EXAMPLES
  71. % openssl passwd -crypt -salt xx password
  72. xxj31ZMTZzkVA
  73. % openssl passwd -1 -salt xxxxxxxx password
  74. $1$xxxxxxxx$UYCIxa628.9qXjpQCjM4a.
  75. % openssl passwd -apr1 -salt xxxxxxxx password
  76. $apr1$xxxxxxxx$dxHfLAsjHkDRmG83UXe8K0
  77. % openssl passwd -aixmd5 -salt xxxxxxxx password
  78. xxxxxxxx$8Oaipk/GPKhC64w/YVeFD/
  79. =head1 COPYRIGHT
  80. Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.
  81. Licensed under the OpenSSL license (the "License"). You may not use
  82. this file except in compliance with the License. You can obtain a copy
  83. in the file LICENSE in the source distribution or at
  84. L<https://www.openssl.org/source/license.html>.
  85. =cut