1.\" $OpenBSD: encrypt.1,v 1.17 2001/07/31 18:12:02 millert Exp $ 2.\" 3.\" Copyright (c) 1996, Jason Downs. All rights reserved. 4.\" 5.\" Redistribution and use in source and binary forms, with or without 6.\" modification, are permitted provided that the following conditions 7.\" are met: 8.\" 1. Redistributions of source code must retain the above copyright 9.\" notice, this list of conditions and the following disclaimer. 10.\" 2. Redistributions in binary form must reproduce the above copyright 11.\" notice, this list of conditions and the following disclaimer in the 12.\" documentation and/or other materials provided with the distribution. 13.\" 14.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) ``AS IS'' AND ANY EXPRESS 15.\" OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED 16.\" WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 17.\" DISCLAIMED. IN NO EVENT SHALL THE AUTHOR(S) BE LIABLE FOR ANY DIRECT, 18.\" INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES 19.\" (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 20.\" SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER 21.\" CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 22.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 23.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 24.\" SUCH DAMAGE. 25.\" 26.Dd May 18, 1999 27.Dt ENCRYPT 1 28.Os 29.Sh NAME 30.Nm encrypt 31.Nd encrypt passwords from the command line or standard input 32.Sh SYNOPSIS 33.Nm encrypt 34.Op Fl k 35.Op Fl b Ar rounds 36.Op Fl m 37.Op Fl s Ar salt 38.Op Fl p | Ar string 39.Nm makekey 40.Sh DESCRIPTION 41.Nm 42prints the encrypted form of 43.Ar string 44to the standard output. 45This is mostly useful for encrypting passwords from within scripts. 46.Pp 47The options are as follows: 48.Bl -tag -width Ds 49.It Fl k 50Run in 51.Nm makekey 52compatible mode; a single combined key and salt are read from standard 53input and the DES encrypted result is written to standard output without a 54terminating newline. 55.It Fl b Ar rounds 56Encrypt the string using Blowfish hashing with the specified 57.Ar rounds . 58.It Fl m 59Encrypt the string using MD5. 60.It Fl p 61Prompt for a single string with echo turned off. 62.It Fl s Ar salt 63Encrypt the string using DES, with the specified 64.Ar salt . 65.El 66.Pp 67If no 68.Ar string 69is specified, 70.Nm 71reads one string per line from standard input, encrypting each one 72with the chosen algorithm from above. 73In case that no specific algorithm was given as a command line option, 74the algorithm specified in the default class in 75.Pa /etc/login.conf 76will be used. 77.Pp 78For MD5 and Blowfish a new random salt is automatically generated for each 79password. 80.Pp 81Specifying the 82.Ar string 83on the command line should be discouraged; using the 84standard input is more secure. 85.Sh FILES 86.Bl -tag -width /etc/login.conf -compact 87.It Pa /etc/login.conf 88.El 89.Sh SEE ALSO 90.Xr crypt 3 , 91.Xr login.conf 5 92.Sh HISTORY 93.Nm 94first appeared in 95.Ox 1.2 . 96.Pp 97A 98.Nm makekey 99command appeared in 100.At v7 . 101