[thirdparty/openssl.git] / doc / apps / passwd.pod

=pod

=head1 NAME

passwd - compute password hashes

=head1 SYNOPSIS

B<openssl passwd>
[B<-help>]
[B<-crypt>]
[B<-1>]
[B<-apr1>]
[B<-5>]
[B<-6>]
[B<-salt> I<string>]
[B<-in> I<file>]
[B<-stdin>]
[B<-noverify>]
[B<-quiet>]
[B<-table>]
{I<password>}

=head1 DESCRIPTION

The B<passwd> command computes the hash of a password typed at
run-time or the hash of each password in a list.  The password list is
taken from the named file for option B<-in file>, from stdin for
option B<-stdin>, or from the command line, or from the terminal otherwise.
The Unix standard algorithm B<crypt> and the MD5-based BSD password
algorithm B<1> and its Apache variant B<apr1> are available.

=head1 OPTIONS

=over 4

=item B<-help>

Print out a usage message.

=item B<-crypt>

Use the B<crypt> algorithm (default).

=item B<-1>

Use the MD5 based BSD password algorithm B<1>.

=item B<-apr1>

Use the B<apr1> algorithm (Apache variant of the BSD algorithm).

=item B<-5>

=item B<-6>

Use the B<SHA256> / B<SHA512> based algorithms defined by Ulrich Drepper.
See L<https://www.akkadia.org/drepper/SHA-crypt.txt>.

=item B<-salt> I<string>

Use the specified salt.
When reading a password from the terminal, this implies B<-noverify>.

=item B<-in> I<file>

Read passwords from I<file>.

=item B<-stdin>

Read passwords from B<stdin>.

=item B<-noverify>

Don't verify when reading a password from the terminal.

=item B<-quiet>

Don't output warnings when passwords given at the command line are truncated.

=item B<-table>

In the output list, prepend the cleartext password and a TAB character
to each password hash.

=back

=head1 EXAMPLES

B<openssl passwd -crypt -salt xx password> prints B<xxj31ZMTZzkVA>.

B<openssl passwd -1 -salt xxxxxxxx password> prints B<$1$xxxxxxxx$UYCIxa628.9qXjpQCjM4a.>.

B<openssl passwd -apr1 -salt xxxxxxxx password> prints B<$apr1$xxxxxxxx$dxHfLAsjHkDRmG83UXe8K0>.

=head1 COPYRIGHT

Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.

Licensed under the OpenSSL license (the "License").  You may not use
this file except in compliance with the License.  You can obtain a copy
in the file LICENSE in the source distribution or at
L<https://www.openssl.org/source/license.html>.

=cut
Commit	Line	Data
bb325c7d BM	1	=pod
	2
	3	=head1 NAME
	4
	5	passwd - compute password hashes
	6
	7	=head1 SYNOPSIS
	8
	9	B<openssl passwd>
169394d4	10	[B<-help>]
bb325c7d	11	[B<-crypt>]
cc244b37	12	[B<-1>]
e6e7b5f3	13	[B<-apr1>]
2e04d6cc RL	14	[B<-5>]
2e04d6cc RL	15	[B<-6>]
ad860603 BM	16	[B<-salt> I<string>]
ad860603 BM	17	[B<-in> I<file>]
e6e7b5f3	18	[B<-stdin>]
db70a3fd	19	[B<-noverify>]
bb325c7d BM	20	[B<-quiet>]
bb325c7d BM	21	[B<-table>]
ad860603	22	{I<password>}
bb325c7d BM	23
	24	=head1 DESCRIPTION
	25
e6e7b5f3 BM	26	The B<passwd> command computes the hash of a password typed at
	27	run-time or the hash of each password in a list. The password list is
	28	taken from the named file for option B<-in file>, from stdin for
db70a3fd	29	option B<-stdin>, or from the command line, or from the terminal otherwise.
cc244b37 BM	30	The Unix standard algorithm B<crypt> and the MD5-based BSD password
cc244b37 BM	31	algorithm B<1> and its Apache variant B<apr1> are available.
bb325c7d BM	32
	33	=head1 OPTIONS
	34
	35	=over 4
	36
169394d4 MR	37	=item B<-help>
	38
	39	Print out a usage message.
	40
bb325c7d BM	41	=item B<-crypt>
	42
	43	Use the B<crypt> algorithm (default).
	44
cc244b37 BM	45	=item B<-1>
	46
	47	Use the MD5 based BSD password algorithm B<1>.
	48
e6e7b5f3 BM	49	=item B<-apr1>
e6e7b5f3 BM	50
cc244b37	51	Use the B<apr1> algorithm (Apache variant of the BSD algorithm).
e6e7b5f3	52
2e04d6cc RL	53	=item B<-5>
	54
	55	=item B<-6>
	56
	57	Use the B<SHA256> / B<SHA512> based algorithms defined by Ulrich Drepper.
	58	See L<https://www.akkadia.org/drepper/SHA-crypt.txt>.
	59
ad860603	60	=item B<-salt> I<string>
bb325c7d BM	61
bb325c7d BM	62	Use the specified salt.
db70a3fd	63	When reading a password from the terminal, this implies B<-noverify>.
bb325c7d	64
ad860603	65	=item B<-in> I<file>
e6e7b5f3	66
ad860603	67	Read passwords from I<file>.
e6e7b5f3 BM	68
	69	=item B<-stdin>
	70
	71	Read passwords from B<stdin>.
	72
db70a3fd BM	73	=item B<-noverify>
	74
	75	Don't verify when reading a password from the terminal.
	76
bb325c7d BM	77	=item B<-quiet>
bb325c7d BM	78
e6e7b5f3	79	Don't output warnings when passwords given at the command line are truncated.
bb325c7d BM	80
	81	=item B<-table>
	82
	83	In the output list, prepend the cleartext password and a TAB character
	84	to each password hash.
	85
	86	=back
	87
ad860603	88	=head1 EXAMPLES
bb325c7d	89
e6e7b5f3 BM	90	B<openssl passwd -crypt -salt xx password> prints B<xxj31ZMTZzkVA>.
e6e7b5f3 BM	91
70e96dcf	92	B<openssl passwd -1 -salt xxxxxxxx password> prints B<$1$xxxxxxxx$UYCIxa628.9qXjpQCjM4a.>.
cc244b37	93
ad860603	94	B<openssl passwd -apr1 -salt xxxxxxxx password> prints B<$apr1$xxxxxxxx$dxHfLAsjHkDRmG83UXe8K0>.
bb325c7d	95
e2f92610 RS	96	=head1 COPYRIGHT
	97
	98	Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
	99
	100	Licensed under the OpenSSL license (the "License"). You may not use
	101	this file except in compliance with the License. You can obtain a copy
	102	in the file LICENSE in the source distribution or at
	103	L<https://www.openssl.org/source/license.html>.
	104
	105	=cut