openssl-passphrase-options.pod 2.1 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475
  1. =pod
  2. =head1 NAME
  3. openssl-passphrase-options - Pass phrase options
  4. =head1 SYNOPSIS
  5. B<openssl>
  6. I<command>
  7. [ I<options> ... ]
  8. [ I<parameters> ... ]
  9. =head1 DESCRIPTION
  10. Several OpenSSL commands accept password arguments, typically using B<-passin>
  11. and B<-passout> for input and output passwords respectively. These allow
  12. the password to be obtained from a variety of sources. Both of these
  13. options take a single argument whose format is described below. If no
  14. password argument is given and a password is required then the user is
  15. prompted to enter one: this will typically be read from the current
  16. terminal with echoing turned off.
  17. Note that character encoding may be relevant, please see
  18. L<passphrase-encoding(7)>.
  19. =head1 OPTIONS
  20. =head2 Pass Phrase Option Arguments
  21. Pass phrase arguments can be formatted as follows.
  22. =over 4
  23. =item B<pass:>I<password>
  24. The actual password is I<password>. Since the password is visible
  25. to utilities (like 'ps' under Unix) this form should only be used
  26. where security is not important.
  27. =item B<env:>I<var>
  28. Obtain the password from the environment variable I<var>. Since
  29. the environment of other processes is visible on certain platforms
  30. (e.g. ps under certain Unix OSes) this option should be used with caution.
  31. =item B<file:>I<pathname>
  32. The first line of I<pathname> is the password. If the same I<pathname>
  33. argument is supplied to B<-passin> and B<-passout> arguments then the first
  34. line will be used for the input password and the next line for the output
  35. password. I<pathname> need not refer to a regular file: it could for example
  36. refer to a device or named pipe.
  37. =item B<fd:>I<number>
  38. Read the password from the file descriptor I<number>. This can be used to
  39. send the data via a pipe for example.
  40. =item B<stdin>
  41. Read the password from standard input.
  42. =back
  43. =head1 COPYRIGHT
  44. Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.
  45. Licensed under the Apache License 2.0 (the "License"). You may not use
  46. this file except in compliance with the License. You can obtain a copy
  47. in the file LICENSE in the source distribution or at
  48. L<https://www.openssl.org/source/license.html>.
  49. =cut