pwhash - generate password hashes
pwhash [ -a <hashalgorithm> | -s <salt>] [ -u <user> ]
With no arguments pwhash prompts for input (and reconfirms) and generates a password hash by using attributes(5) followed by crypt(3C), and then displays the generated hash on stdout.
If input is redirected from stdin then that is used instead. The password is only required once on stdin. When reading from stdin, if the last character is a newline, it is discarded.
The following options are supported:
Specifies a preference for the algorithm. If the algorithm is not allowed or does not exist, an error is shown.
The values are as per the key in crypt.conf(4). For example, __unix__, 1, md5, 2a, 5, and 6.
Full specification of the algorithm and salt. This option bypasses the crypt_gensalt(3C) call and instead passes the supplied salt directly to crypt(3C). This option is mutually exclusive with –a.
Specifies the username to be used with crypt_gensalt(3C). Note that while the API allows for it, no current plugins delivered with Oracle Solaris for crypt_gensalt(3C) make use of this.
If the user is not found then an error is returned and no hash is generated.
Displays the usage message.
The following example generates a SHA256 based hash typing in the password.
$ pwhash -a 5 Password: Re-enter Password: $5$DA/w/BgH$cB394/iYqj6pk/J6W0smfmKsGrYSGeWUvHsIMnUaZh.Example 2 Generating a Hash Using the System Default Algorithm Using stdin
The following example generates a hash by using the system default algorithm using stdin.
$ pwhash <<EOM Ap@ssW0rdOnStdIN EOM $5$abaev.V6$9uyBXruzgbZn/OhqtIbvrjHpuoyDFbkQkJ47pdZA/JCExample 3 Generating a Hash Using an Existing Salt Specification
The following example genrates a hash by using an existing salt specification.
$ pwhash -s '$5$abaev.V6$' Password: Re-enter Password: $5$abaev.V6$0pPY.0X/4tsis67eCsMdJ63NO9cfHKokKvjtTOQ80jAExample 4 Attempting to Generate a Hash Using a Deprecated Algorithm
The following example attempts to generate a hash by using a deprecated algorithm
$ pwhash -a __unix__ Requested algorithm not allowed by current crypt policy, see policy.conf(4).
See attributes(5) for descriptions of the following attributes:
|