How to Generate, Encrypt and Decrypt Random Passwords in Linux

Introduction

Random passwords are an important part of keeping your data secure. Generating, encrypting, and decrypting random passwords in Linux can be a daunting task, but it doesn’t have to be. In this guide, we will walk you through the steps of generating, encrypting, and decrypting random passwords in Linux. We will also discuss the importance of using strong passwords and the best practices for creating and managing them. By the end of this guide, you will have the knowledge and tools to generate, encrypt, and decrypt random passwords in Linux with ease.

How to Generate, Encrypt and Decrypt Random Passwords in Linux

Generating Random Passwords

1. Using the pwgen command: The pwgen command is a simple command line utility used to generate random, meaningless but pronounceable passwords. To generate a random password of length 8, type:

$ pwgen 8

2. Using the openssl command: The openssl command is a versatile toolkit used to encrypt and decrypt data. To generate a random password of length 8, type:

$ openssl rand -base64 8

Encrypting Passwords

1. Using the openssl command: To encrypt a password, type:

$ openssl enc -aes-256-cbc -salt -in -out

Replace with the name of the file containing the password and with the name of the file to which the encrypted password will be written.

Decrypting Passwords

1. Using the openssl command: To decrypt a password, type:

$ openssl enc -aes-256-cbc -d -in -out

Replace with the name of the file containing the encrypted password and with the name of the file to which the decrypted password will be written.

In this article, we will share some interesting command-line tools to generate random passwords and also how to encrypt and decrypt passwords with or without the slat (a security measure used in password hashing) method.

Security is one of the major concerns of the digital age. We set passwords to computers, email, cloud, phones, documents, and whatnot. We all know the basic to choose a password that is easy to remember and hard to guess.

What about some sort of machine-based password generation automatically using pwgen or makepasswd – a command-line password generator used to generate random passwords based on length, complexity, and character.

PWgen – Generate a Random Password on Linux

To generate a random unique password of length equal to 10 characters use the ‘pwgen‘ command. If you have not installed pwgen, you can install it using your respective package managers as shown.

$ sudo apt install pwgen         [On Debian, Ubuntu and Mint]
$ sudo yum install pwgen         [On RHEL/CentOS/Fedora and Rocky/AlmaLinux]
$ sudo emerge -a sys-apps/pwgen  [On Gentoo Linux]
$ sudo apk add pwgen             [On Alpine Linux]
$ sudo pacman -S pwgen           [On Arch Linux]
$ sudo zypper install pwgen      [On OpenSUSE]    

Once ‘pwgen‘ is installed, you can use it to generate a single password as shown.

$ pwgen 10 1

To generate several random unique passwords of character length 50 in one go, use:

$ pwgen 50
pwgen - Generate Random Passwords
pwgen – Generate Random Passwords

Makepasswd – Generate Unique Passwords on Linux

The makepasswd command is another password generator that is used to generate unique random passwords based on a given length.

Before you can use the makepasswd command, make sure you have installed it. If not, you may install it using your distribution’s package manager as shown.

$ sudo apt install makepasswd         [On Debian, Ubuntu and Mint]
$ sudo yum install makepasswd         [On RHEL/CentOS/Fedora and Rocky/AlmaLinux]
$ sudo emerge -a sys-apps/makepasswd  [On Gentoo Linux]
$ sudo apk add makepasswd             [On Alpine Linux]
$ sudo pacman -S makepasswd           [On Arch Linux]
$ sudo zypper install makepasswd      [On OpenSUSE]    

To generate a random password of character length 10 (default value is 10).

$ makepasswd 

To generate a random password of character length 50.

$ makepasswd  --char 50

To generate 7 random passwords of 20 characters.

$ makepasswd --char 20 --count 7
makepasswd - Generate Random Passwords
makepasswd – Generate Random Passwords

mkpasswd – Encrypt a Password in Linux

To encrypt a password using crypt (a Python standard library) along with the salt method.

For those who may not be aware of salt, which is random data that serves as an additional input to a one-way function in order to protect passwords against dictionary attacks.

The mkpasswd command is a part of the whois package, and it is not installed on most modern Linux distributions, you need to install it using your distribution’s package manager.

$ sudo apt install whois         [On Debian, Ubuntu and Mint]
$ sudo yum install whois         [On RHEL/CentOS/Fedora and Rocky/AlmaLinux]
$ sudo emerge -a sys-apps/whois  [On Gentoo Linux]
$ sudo apk add whois             [On Alpine Linux]
$ sudo pacman -S whois           [On Arch Linux]
$ sudo zypper install whois      [On OpenSUSE]    

Now run the makepasswd command, which will encrypt the password with salt. The salt value is taken randomly and automatically. Hence every time you run the below command it will generate different outputs because it is accepting a random value for salt every time.

$ mkpasswd tecmint

Running the above command will generate a random salt value and use it to create the password hash for the password “tecmint.” The output will include the generated password hash.

To generate an SHA-512 password hash with the password “tecmint”, you can use the following command:

$ mkpasswd -m sha-512 tecmint

The output will be the generated password hash, which you can use for password storage or authentication purposes.

Moreover, mkpasswd is interactive and if you don’t provide a password along with the command, it will ask password interactively.

mkpasswd - Encrypt Password in Linux
mkpasswd – Encrypt Password in Linux

Encrypt a String with Password in Linux

To encrypt a string say “Tecmint-is-a-Linux-Community” using aes-256-cbc encryption using a password say “tecmint” and salt.

$ echo Tecmint-is-a-Linux-Community | openssl enc -aes-256-cbc -a -salt -pass pass:tecmint -pbkdf2

Here in the above example, the output of the echo command is pipelined with the openssl command that passes the input to be encrypted using Encoding with Cipher (enc) that uses aes-256-cbc encryption algorithm with salt it is encrypted using the password (tecmint) and -pbkdf2 algorithm.

Encrypt String with Password in Linux
Encrypt String with Password in Linux

Decrypt a String in Linux

To decrypt the above string use the openssl command using the -aes-256-cbc decryption.

# echo U2FsdGVkX18Zgoc+dfAdpIK58JbcEYFdJBPMINU91DKPeVVrU2k9oXWsgpvpdO/Z | openssl enc -aes-256-cbc -a -d -salt -pass pass:tecmint
Decrypt String in Linux
Decrypt String in Linux

That’s all for now. If you know any such tips and tricks you may share in the comment section, your tip will be published under your name and also we will include it in our future article.

How to Generate, Encrypt and Decrypt Random Passwords in Linux

Creating and managing secure passwords is an important part of keeping your data safe. In Linux, there are several ways to generate, encrypt, and decrypt random passwords. This guide will walk you through the steps of creating, encrypting, and decrypting random passwords in Linux.

Generating Random Passwords

The first step in creating secure passwords is to generate random passwords. This can be done using the pwgen command. This command will generate a random password of a specified length. For example, to generate a random password of 8 characters, you would use the following command:

pwgen 8

This command will generate a random password of 8 characters. You can also specify the number of passwords to generate and the type of characters to use. For example, to generate 10 passwords of 8 characters each, using only lowercase letters, you would use the following command:

pwgen 8 10 -s -1

Encrypting Passwords

Once you have generated a random password, you can encrypt it using the openssl command. This command will encrypt the password using a specified algorithm. For example, to encrypt a password using the SHA-256 algorithm, you would use the following command:

openssl passwd -6 -salt mysalt mypassword

This command will encrypt the password using the SHA-256 algorithm and the specified salt. You can also use the -1 option to use the MD5 algorithm instead. The encrypted password will be printed to the terminal.

Decrypting Passwords

Once you have encrypted a password, you can decrypt it using the openssl command. This command will decrypt the password using the specified algorithm. For example, to decrypt a password encrypted with the SHA-256 algorithm, you would use the following command:

openssl passwd -6 -salt mysalt -d mypassword

This command will decrypt the password using the SHA-256 algorithm and the specified salt. You can also use the -1 option to use the MD5 algorithm instead. The decrypted password will be printed to the terminal.

Conclusion

In this guide, we have shown you how to generate, encrypt, and decrypt random passwords in Linux. We have also discussed the different algorithms that can be used to encrypt and decrypt passwords. By following the steps outlined in this guide, you should be able to create secure passwords for your data.

Jaspreet Singh Ghuman

Jaspreet Singh Ghuman

Jassweb.com/

Passionate Professional Blogger, Freelancer, WordPress Enthusiast, Digital Marketer, Web Developer, Server Operator, Networking Expert. Empowering online presence with diverse skills.

jassweb logo

Jassweb always keeps its services up-to-date with the latest trends in the market, providing its customers all over the world with high-end and easily extensible internet, intranet, and extranet products.

Contact
San Vito Al Tagliamento 33078
Pordenone Italy
Item added to cart.
0 items - 0.00
Open chat
Scan the code
Hello 👋
Can we help you?