1b077aed3SPierre Pronchery=pod 2b077aed3SPierre Pronchery 3b077aed3SPierre Pronchery=head1 NAME 4b077aed3SPierre Pronchery 5b077aed3SPierre Proncheryopenssl-passphrase-options - Pass phrase options 6b077aed3SPierre Pronchery 7b077aed3SPierre Pronchery=head1 SYNOPSIS 8b077aed3SPierre Pronchery 9b077aed3SPierre ProncheryB<openssl> 10b077aed3SPierre ProncheryI<command> 11b077aed3SPierre Pronchery[ I<options> ... ] 12b077aed3SPierre Pronchery[ I<parameters> ... ] 13b077aed3SPierre Pronchery 14b077aed3SPierre Pronchery=head1 DESCRIPTION 15b077aed3SPierre Pronchery 16b077aed3SPierre ProncherySeveral OpenSSL commands accept password arguments, typically using B<-passin> 17b077aed3SPierre Proncheryand B<-passout> for input and output passwords respectively. These allow 18b077aed3SPierre Proncherythe password to be obtained from a variety of sources. Both of these 19b077aed3SPierre Proncheryoptions take a single argument whose format is described below. If no 20b077aed3SPierre Proncherypassword argument is given and a password is required then the user is 21b077aed3SPierre Proncheryprompted to enter one: this will typically be read from the current 22b077aed3SPierre Proncheryterminal with echoing turned off. 23b077aed3SPierre Pronchery 24b077aed3SPierre ProncheryNote that character encoding may be relevant, please see 25b077aed3SPierre ProncheryL<passphrase-encoding(7)>. 26b077aed3SPierre Pronchery 27b077aed3SPierre Pronchery=head1 OPTIONS 28b077aed3SPierre Pronchery 29b077aed3SPierre Pronchery=head2 Pass Phrase Option Arguments 30b077aed3SPierre Pronchery 31b077aed3SPierre ProncheryPass phrase arguments can be formatted as follows. 32b077aed3SPierre Pronchery 33b077aed3SPierre Pronchery=over 4 34b077aed3SPierre Pronchery 35b077aed3SPierre Pronchery=item B<pass:>I<password> 36b077aed3SPierre Pronchery 37b077aed3SPierre ProncheryThe actual password is I<password>. Since the password is visible 38b077aed3SPierre Proncheryto utilities (like 'ps' under Unix) this form should only be used 39b077aed3SPierre Proncherywhere security is not important. 40b077aed3SPierre Pronchery 41b077aed3SPierre Pronchery=item B<env:>I<var> 42b077aed3SPierre Pronchery 43b077aed3SPierre ProncheryObtain the password from the environment variable I<var>. Since 44b077aed3SPierre Proncherythe environment of other processes is visible on certain platforms 45b077aed3SPierre Pronchery(e.g. ps under certain Unix OSes) this option should be used with caution. 46b077aed3SPierre Pronchery 47b077aed3SPierre Pronchery=item B<file:>I<pathname> 48b077aed3SPierre Pronchery 49*a7148ab3SEnji CooperReads the password from the specified file I<pathname>, which can be a regular 50*a7148ab3SEnji Cooperfile, device, or named pipe. Only the first line, up to the newline character, 51*a7148ab3SEnji Cooperis read from the stream. 52*a7148ab3SEnji Cooper 53*a7148ab3SEnji CooperIf the same I<pathname> argument is supplied to both B<-passin> and B<-passout> 54*a7148ab3SEnji Cooperarguments, the first line will be used for the input password, and the next 55*a7148ab3SEnji Cooperline will be used for the output password. 56b077aed3SPierre Pronchery 57b077aed3SPierre Pronchery=item B<fd:>I<number> 58b077aed3SPierre Pronchery 59*a7148ab3SEnji CooperReads the password from the file descriptor I<number>. This can be useful for 60*a7148ab3SEnji Coopersending data via a pipe, for example. The same line handling as described for 61*a7148ab3SEnji CooperB<file:> applies to passwords read from file descriptors. 62*a7148ab3SEnji Cooper 63*a7148ab3SEnji CooperB<fd:> is not supported on Windows. 64b077aed3SPierre Pronchery 65b077aed3SPierre Pronchery=item B<stdin> 66b077aed3SPierre Pronchery 67*a7148ab3SEnji CooperReads the password from standard input. The same line handling as described for 68*a7148ab3SEnji CooperB<file:> applies to passwords read from standard input. 69b077aed3SPierre Pronchery 70b077aed3SPierre Pronchery=back 71b077aed3SPierre Pronchery 72b077aed3SPierre Pronchery=head1 COPYRIGHT 73b077aed3SPierre Pronchery 74*a7148ab3SEnji CooperCopyright 2000-2024 The OpenSSL Project Authors. All Rights Reserved. 75b077aed3SPierre Pronchery 76b077aed3SPierre ProncheryLicensed under the Apache License 2.0 (the "License"). You may not use 77b077aed3SPierre Proncherythis file except in compliance with the License. You can obtain a copy 78b077aed3SPierre Proncheryin the file LICENSE in the source distribution or at 79b077aed3SPierre ProncheryL<https://www.openssl.org/source/license.html>. 80b077aed3SPierre Pronchery 81b077aed3SPierre Pronchery=cut 82