[thirdparty/openssl.git] / doc / man1 / openssl-passwd.pod.in

=pod
{- OpenSSL::safe::output_do_not_edit_headers(); -}

=head1 NAME

openssl-passwd - compute password hashes

=head1 SYNOPSIS

B<openssl passwd>
[B<-help>]
[B<-1>]
[B<-apr1>]
[B<-aixmd5>]
[B<-5>]
[B<-6>]
[B<-salt> I<string>]
[B<-in> I<file>]
[B<-stdin>]
[B<-noverify>]
[B<-quiet>]
[B<-table>]
[B<-reverse>]
{- $OpenSSL::safe::opt_r_synopsis -}
{- $OpenSSL::safe::opt_provider_synopsis -}
[I<password>]

=head1 DESCRIPTION

This command computes the hash of a password typed at
run-time or the hash of each password in a list.  The password list is
taken from the named file for option B<-in>, from stdin for
option B<-stdin>, or from the command line, or from the terminal otherwise.
The MD5-based BSD password algorithm B<-1>, its Apache variant B<-apr1>,
and its AIX variant are available.

=head1 OPTIONS

=over 4

=item B<-help>

Print out a usage message.

=item B<-1>

Use the MD5 based BSD password algorithm B<1> (default).

=item B<-apr1>

Use the B<apr1> algorithm (Apache variant of the BSD algorithm).

=item B<-aixmd5>

Use the B<AIX MD5> algorithm (AIX variant of the BSD algorithm).

=item B<-5>

=item B<-6>

Use the B<SHA256> / B<SHA512> based algorithms defined by Ulrich Drepper.
See L<https://www.akkadia.org/drepper/SHA-crypt.txt>.

=item B<-salt> I<string>

Use the specified salt.
When reading a password from the terminal, this implies B<-noverify>.

=item B<-in> I<file>

Read passwords from I<file>.

=item B<-stdin>

Read passwords from B<stdin>.

=item B<-noverify>

Don't verify when reading a password from the terminal.

=item B<-quiet>

Don't output warnings when passwords given at the command line are truncated.

=item B<-table>

In the output list, prepend the cleartext password and a TAB character
to each password hash.

=item B<-reverse>

When the B<-table> option is used, reverse the order of cleartext and hash.

{- $OpenSSL::safe::opt_r_item -}

{- $OpenSSL::safe::opt_provider_item -}

=back

=head1 EXAMPLES

  % openssl passwd -1 -salt xxxxxxxx password
  $1$xxxxxxxx$UYCIxa628.9qXjpQCjM4a.

  % openssl passwd -apr1 -salt xxxxxxxx password
  $apr1$xxxxxxxx$dxHfLAsjHkDRmG83UXe8K0

  % openssl passwd -aixmd5 -salt xxxxxxxx password
  xxxxxxxx$8Oaipk/GPKhC64w/YVeFD/

=head1 HISTORY

The B<-crypt> option was removed in OpenSSL 3.0.

=head1 COPYRIGHT

Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.

Licensed under the Apache License 2.0 (the "License").  You may not use
this file except in compliance with the License.  You can obtain a copy
in the file LICENSE in the source distribution or at
L<https://www.openssl.org/source/license.html>.

=cut
Commit	Line	Data
bb325c7d	1	=pod
625c781d	2	{- OpenSSL::safe::output_do_not_edit_headers(); -}
9fcb9702	3
bb325c7d BM	4	=head1 NAME
bb325c7d BM	5
b6b66573	6	openssl-passwd - compute password hashes
bb325c7d BM	7
	8	=head1 SYNOPSIS
	9
	10	B<openssl passwd>
169394d4	11	[B<-help>]
cc244b37	12	[B<-1>]
e6e7b5f3	13	[B<-apr1>]
037f2c3f	14	[B<-aixmd5>]
2e04d6cc RL	15	[B<-5>]
2e04d6cc RL	16	[B<-6>]
ad860603 BM	17	[B<-salt> I<string>]
ad860603 BM	18	[B<-in> I<file>]
e6e7b5f3	19	[B<-stdin>]
db70a3fd	20	[B<-noverify>]
bb325c7d BM	21	[B<-quiet>]
bb325c7d BM	22	[B<-table>]
65718c51	23	[B<-reverse>]
9fcb9702	24	{- $OpenSSL::safe::opt_r_synopsis -}
6bd4e3f2	25	{- $OpenSSL::safe::opt_provider_synopsis -}
92de469f	26	[I<password>]
bb325c7d BM	27
	28	=head1 DESCRIPTION
	29
35a810bb	30	This command computes the hash of a password typed at
e6e7b5f3	31	run-time or the hash of each password in a list. The password list is
e8769719	32	taken from the named file for option B<-in>, from stdin for
db70a3fd	33	option B<-stdin>, or from the command line, or from the terminal otherwise.
c87a7f31 P	34	The MD5-based BSD password algorithm B<-1>, its Apache variant B<-apr1>,
c87a7f31 P	35	and its AIX variant are available.
bb325c7d BM	36
	37	=head1 OPTIONS
	38
	39	=over 4
	40
169394d4 MR	41	=item B<-help>
	42
	43	Print out a usage message.
	44
cc244b37 BM	45	=item B<-1>
cc244b37 BM	46
c87a7f31	47	Use the MD5 based BSD password algorithm B<1> (default).
cc244b37	48
e6e7b5f3 BM	49	=item B<-apr1>
e6e7b5f3 BM	50
cc244b37	51	Use the B<apr1> algorithm (Apache variant of the BSD algorithm).
e6e7b5f3	52
037f2c3f GN	53	=item B<-aixmd5>
	54
	55	Use the B<AIX MD5> algorithm (AIX variant of the BSD algorithm).
	56
2e04d6cc RL	57	=item B<-5>
	58
	59	=item B<-6>
	60
	61	Use the B<SHA256> / B<SHA512> based algorithms defined by Ulrich Drepper.
	62	See L<https://www.akkadia.org/drepper/SHA-crypt.txt>.
	63
ad860603	64	=item B<-salt> I<string>
bb325c7d BM	65
bb325c7d BM	66	Use the specified salt.
db70a3fd	67	When reading a password from the terminal, this implies B<-noverify>.
bb325c7d	68
ad860603	69	=item B<-in> I<file>
e6e7b5f3	70
ad860603	71	Read passwords from I<file>.
e6e7b5f3 BM	72
	73	=item B<-stdin>
	74
	75	Read passwords from B<stdin>.
	76
db70a3fd BM	77	=item B<-noverify>
	78
	79	Don't verify when reading a password from the terminal.
	80
bb325c7d BM	81	=item B<-quiet>
bb325c7d BM	82
e6e7b5f3	83	Don't output warnings when passwords given at the command line are truncated.
bb325c7d BM	84
	85	=item B<-table>
	86
	87	In the output list, prepend the cleartext password and a TAB character
	88	to each password hash.
	89
65718c51 RS	90	=item B<-reverse>
	91
	92	When the B<-table> option is used, reverse the order of cleartext and hash.
	93
9fcb9702	94	{- $OpenSSL::safe::opt_r_item -}
3ee1eac2	95
6bd4e3f2 P	96	{- $OpenSSL::safe::opt_provider_item -}
6bd4e3f2 P	97
bb325c7d BM	98	=back
bb325c7d BM	99
ad860603	100	=head1 EXAMPLES
bb325c7d	101
dfee8626 RS	102	% openssl passwd -1 -salt xxxxxxxx password
dfee8626 RS	103	$1$xxxxxxxx$UYCIxa628.9qXjpQCjM4a.
cc244b37	104
dfee8626 RS	105	% openssl passwd -apr1 -salt xxxxxxxx password
dfee8626 RS	106	$apr1$xxxxxxxx$dxHfLAsjHkDRmG83UXe8K0
bb325c7d	107
dfee8626 RS	108	% openssl passwd -aixmd5 -salt xxxxxxxx password
dfee8626 RS	109	xxxxxxxx$8Oaipk/GPKhC64w/YVeFD/
037f2c3f	110
c87a7f31 P	111	=head1 HISTORY
	112
	113	The B<-crypt> option was removed in OpenSSL 3.0.
	114
e2f92610 RS	115	=head1 COPYRIGHT
e2f92610 RS	116
0789c7d8	117	Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
e2f92610	118
449040b4	119	Licensed under the Apache License 2.0 (the "License"). You may not use
e2f92610 RS	120	this file except in compliance with the License. You can obtain a copy
	121	in the file LICENSE in the source distribution or at
	122	L<https://www.openssl.org/source/license.html>.
	123
	124	=cut