xref: /netbsd-src/usr.bin/pwhash/pwhash.1 (revision 37b34d511dea595d3ba03a661cf3b775038ea5f8) 
1.\"	$NetBSD: pwhash.1,v 1.2 2002/10/02 07:35:29 wiz Exp $
2.\"	$OpenBSD: encrypt.1,v 1.16 2000/11/09 17:52:07 aaron Exp $
3.\"
4.\" Copyright (c) 1996, Jason Downs.  All rights reserved.
5.\"
6.\" Redistribution and use in source and binary forms, with or without
7.\" modification, are permitted provided that the following conditions
8.\" are met:
9.\" 1. Redistributions of source code must retain the above copyright
10.\"    notice, this list of conditions and the following disclaimer.
11.\" 2. Redistributions in binary form must reproduce the above copyright
12.\"    notice, this list of conditions and the following disclaimer in the
13.\"    documentation and/or other materials provided with the distribution.
14.\"
15.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) ``AS IS'' AND ANY EXPRESS
16.\" OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
17.\" WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
18.\" DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR(S) BE LIABLE FOR ANY DIRECT,
19.\" INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
20.\" (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
21.\" SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
22.\" CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
23.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
24.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
25.\" SUCH DAMAGE.
26.\"
27.Dd October 2, 2002
28.Dt PWHASH 1
29.Os
30.Sh NAME
31.Nm pwhash
32.Nd hashes passwords from the command line or standard input
33.Sh SYNOPSIS
34.Nm pwhash
35.Op Fl b Ar rounds
36.Op Fl k
37.Op Fl m
38.Op Fl p | Ar string
39.Op Fl s Ar salt
40.Sh DESCRIPTION
41.Nm
42prints the encrypted form of
43.Ar string
44to the standard output.
45This is mostly useful for encrypting passwords from within scripts.
46.Pp
47The options are as follows:
48.Bl -tag -width Ds
49.It Fl b Ar rounds
50Encrypt the string using Blowfish hashing with the specified
51.Ar rounds .
52.It Fl k
53Run in
54.Xr makekey 8
55compatible mode; a single combined key and salt are read from standard
56input and the DES encrypted result is written to standard output without a
57terminating newline.
58.It Fl m
59Encrypt the string using MD5.
60.It Fl p
61Prompt for a single string with echo turned off.
62.It Fl s Ar salt
63Encrypt the string using DES, with the specified
64.Ar salt .
65.El
66.Pp
67If no
68.Ar string
69is specified,
70.Nm
71reads one string per line from standard input, encrypting each one
72with the chosen algorithm from above.
73In case that no specific algorithm was given as a command line option,
74the algorithm specified in the default class in
75.Pa /etc/passwd.conf
76will be used.
77.Pp
78For MD5 and Blowfish a new random salt is automatically generated for each
79password.
80.Pp
81Specifying the
82.Ar string
83on the command line should be discouraged; using the
84standard input is more secure.
85.Sh FILES
86.Bl -tag -width /etc/passwd.conf -compact
87.It Pa /etc/passwd.conf
88.El
89.Sh SEE ALSO
90.Xr crypt 3 ,
91.Xr passwd.conf 5
92