[thirdparty/openssl.git] / doc / man1 / openssl-passwd.pod

=pod

=head1 NAME

openssl-passwd - compute password hashes

=head1 SYNOPSIS

B<openssl passwd>
[B<-help>]
[B<-crypt>]
[B<-1>]
[B<-apr1>]
[B<-aixmd5>]
[B<-5>]
[B<-6>]
[B<-salt> I<string>]
[B<-in> I<file>]
[B<-stdin>]
[B<-noverify>]
[B<-quiet>]
[B<-table>]
[B<-rand file...>]
[B<-writerand file>]
{I<password>}

=head1 DESCRIPTION

The B<passwd> command computes the hash of a password typed at
run-time or the hash of each password in a list.  The password list is
taken from the named file for option B<-in file>, from stdin for
option B<-stdin>, or from the command line, or from the terminal otherwise.
The Unix standard algorithm B<crypt> and the MD5-based BSD password
algorithm B<1>, its Apache variant B<apr1>, and its AIX variant are available.

=head1 OPTIONS

=over 4

=item B<-help>

Print out a usage message.

=item B<-crypt>

Use the B<crypt> algorithm (default).

=item B<-1>

Use the MD5 based BSD password algorithm B<1>.

=item B<-apr1>

Use the B<apr1> algorithm (Apache variant of the BSD algorithm).

=item B<-aixmd5>

Use the B<AIX MD5> algorithm (AIX variant of the BSD algorithm).

=item B<-5>

=item B<-6>

Use the B<SHA256> / B<SHA512> based algorithms defined by Ulrich Drepper.
See L<https://www.akkadia.org/drepper/SHA-crypt.txt>.

=item B<-salt> I<string>

Use the specified salt.
When reading a password from the terminal, this implies B<-noverify>.

=item B<-in> I<file>

Read passwords from I<file>.

=item B<-stdin>

Read passwords from B<stdin>.

=item B<-noverify>

Don't verify when reading a password from the terminal.

=item B<-quiet>

Don't output warnings when passwords given at the command line are truncated.

=item B<-table>

In the output list, prepend the cleartext password and a TAB character
to each password hash.

=item B<-rand file...>

A file or files containing random data used to seed the random number
generator.
Multiple files can be specified separated by an OS-dependent character.
The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for
all others.

=item [B<-writerand file>]

Writes random data to the specified I<file> upon exit.
This can be used with a subsequent B<-rand> flag.

=back

=head1 EXAMPLES

  % openssl passwd -crypt -salt xx password
  xxj31ZMTZzkVA

  % openssl passwd -1 -salt xxxxxxxx password
  $1$xxxxxxxx$UYCIxa628.9qXjpQCjM4a.

  % openssl passwd -apr1 -salt xxxxxxxx password
  $apr1$xxxxxxxx$dxHfLAsjHkDRmG83UXe8K0

  % openssl passwd -aixmd5 -salt xxxxxxxx password
  xxxxxxxx$8Oaipk/GPKhC64w/YVeFD/

=head1 COPYRIGHT

Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.

Licensed under the Apache License 2.0 (the "License").  You may not use
this file except in compliance with the License.  You can obtain a copy
in the file LICENSE in the source distribution or at
L<https://www.openssl.org/source/license.html>.

=cut
Commit	Line	Data
bb325c7d BM	1	=pod
	2
	3	=head1 NAME
	4
b6b66573	5	openssl-passwd - compute password hashes
bb325c7d BM	6
	7	=head1 SYNOPSIS
	8
	9	B<openssl passwd>
169394d4	10	[B<-help>]
bb325c7d	11	[B<-crypt>]
cc244b37	12	[B<-1>]
e6e7b5f3	13	[B<-apr1>]
037f2c3f	14	[B<-aixmd5>]
2e04d6cc RL	15	[B<-5>]
2e04d6cc RL	16	[B<-6>]
ad860603 BM	17	[B<-salt> I<string>]
ad860603 BM	18	[B<-in> I<file>]
e6e7b5f3	19	[B<-stdin>]
db70a3fd	20	[B<-noverify>]
bb325c7d BM	21	[B<-quiet>]
bb325c7d BM	22	[B<-table>]
3ee1eac2 RS	23	[B<-rand file...>]
3ee1eac2 RS	24	[B<-writerand file>]
ad860603	25	{I<password>}
bb325c7d BM	26
	27	=head1 DESCRIPTION
	28
e6e7b5f3 BM	29	The B<passwd> command computes the hash of a password typed at
	30	run-time or the hash of each password in a list. The password list is
	31	taken from the named file for option B<-in file>, from stdin for
db70a3fd	32	option B<-stdin>, or from the command line, or from the terminal otherwise.
cc244b37	33	The Unix standard algorithm B<crypt> and the MD5-based BSD password
037f2c3f	34	algorithm B<1>, its Apache variant B<apr1>, and its AIX variant are available.
bb325c7d BM	35
	36	=head1 OPTIONS
	37
	38	=over 4
	39
169394d4 MR	40	=item B<-help>
	41
	42	Print out a usage message.
	43
bb325c7d BM	44	=item B<-crypt>
	45
	46	Use the B<crypt> algorithm (default).
	47
cc244b37 BM	48	=item B<-1>
	49
	50	Use the MD5 based BSD password algorithm B<1>.
	51
e6e7b5f3 BM	52	=item B<-apr1>
e6e7b5f3 BM	53
cc244b37	54	Use the B<apr1> algorithm (Apache variant of the BSD algorithm).
e6e7b5f3	55
037f2c3f GN	56	=item B<-aixmd5>
	57
	58	Use the B<AIX MD5> algorithm (AIX variant of the BSD algorithm).
	59
2e04d6cc RL	60	=item B<-5>
	61
	62	=item B<-6>
	63
	64	Use the B<SHA256> / B<SHA512> based algorithms defined by Ulrich Drepper.
	65	See L<https://www.akkadia.org/drepper/SHA-crypt.txt>.
	66
ad860603	67	=item B<-salt> I<string>
bb325c7d BM	68
bb325c7d BM	69	Use the specified salt.
db70a3fd	70	When reading a password from the terminal, this implies B<-noverify>.
bb325c7d	71
ad860603	72	=item B<-in> I<file>
e6e7b5f3	73
ad860603	74	Read passwords from I<file>.
e6e7b5f3 BM	75
	76	=item B<-stdin>
	77
	78	Read passwords from B<stdin>.
	79
db70a3fd BM	80	=item B<-noverify>
	81
	82	Don't verify when reading a password from the terminal.
	83
bb325c7d BM	84	=item B<-quiet>
bb325c7d BM	85
e6e7b5f3	86	Don't output warnings when passwords given at the command line are truncated.
bb325c7d BM	87
	88	=item B<-table>
	89
	90	In the output list, prepend the cleartext password and a TAB character
	91	to each password hash.
	92
3ee1eac2 RS	93	=item B<-rand file...>
	94
	95	A file or files containing random data used to seed the random number
	96	generator.
	97	Multiple files can be specified separated by an OS-dependent character.
	98	The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for
	99	all others.
	100
	101	=item [B<-writerand file>]
	102
	103	Writes random data to the specified I<file> upon exit.
	104	This can be used with a subsequent B<-rand> flag.
	105
bb325c7d BM	106	=back
bb325c7d BM	107
ad860603	108	=head1 EXAMPLES
bb325c7d	109
dfee8626 RS	110	% openssl passwd -crypt -salt xx password
dfee8626 RS	111	xxj31ZMTZzkVA
e6e7b5f3	112
dfee8626 RS	113	% openssl passwd -1 -salt xxxxxxxx password
dfee8626 RS	114	$1$xxxxxxxx$UYCIxa628.9qXjpQCjM4a.
cc244b37	115
dfee8626 RS	116	% openssl passwd -apr1 -salt xxxxxxxx password
dfee8626 RS	117	$apr1$xxxxxxxx$dxHfLAsjHkDRmG83UXe8K0
bb325c7d	118
dfee8626 RS	119	% openssl passwd -aixmd5 -salt xxxxxxxx password
dfee8626 RS	120	xxxxxxxx$8Oaipk/GPKhC64w/YVeFD/
037f2c3f	121
e2f92610 RS	122	=head1 COPYRIGHT
e2f92610 RS	123
b6b66573	124	Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.
e2f92610	125
449040b4	126	Licensed under the Apache License 2.0 (the "License"). You may not use
e2f92610 RS	127	this file except in compliance with the License. You can obtain a copy
	128	in the file LICENSE in the source distribution or at
	129	L<https://www.openssl.org/source/license.html>.
	130
	131	=cut