Go to main content

man pages section 1: User Commands

Exit Print View

Updated: Wednesday, February 10, 2021

pwhash (1)


pwhash - generate password hashes


pwhash [ -a <hashalgorithm> | -s <salt>] [ -u <user> ] 


With no arguments pwhash prompts for input (and reconfirms) and generates a password hash by using crypt_gensalt(3C) followed by crypt(3C), and then displays the generated hash on stdout.

If input is redirected from stdin then that is used instead. The password is only required once on stdin. When reading from stdin, if the last character is a newline, it is discarded.


The following options are supported:


Specifies a preference for the algorithm. If the algorithm is not allowed or does not exist, an error is shown.

The values are as per the key in crypt.conf(5). For example, __unix__, 1, md5, 2a, 5, and 6.


Full specification of the algorithm and salt. This option bypasses the crypt_gensalt(3C) call and instead passes the supplied salt directly to crypt(3C). This option is mutually exclusive with –a.


Specifies the username to be used with crypt_gensalt(3C). Note that while the API allows for it, no current plugins delivered with Oracle Solaris for crypt_gensalt(3C) make use of this.

If the user is not found then an error is returned and no hash is generated.


Displays the usage message.


Example 1 Generating a SHA256 Based Hash Typing in the Password

The following example generates a SHA256 based hash typing in the password.

$ pwhash -a 5
Re-enter Password:
Example 2 Generating a Hash Using the System Default Algorithm Using stdin

The following example generates a hash by using the system default algorithm using stdin.

$ pwhash <<EOM
Example 3 Generating a Hash Using an Existing Salt Specification

The following example generates a hash by using an existing salt specification.

$ pwhash -s '$5$abaev.V6$'
     Re-enter Password:
Example 4 Attempting to Generate a Hash Using a Deprecated Algorithm

The following example attempts to generate a hash by using a deprecated algorithm

$ pwhash -a __unix__
Requested algorithm not allowed by current crypt policy, see


See attributes(7) for descriptions of the following attributes:

Interface Stability

See Also

crypt(3C), crypt_gensalt(3C), policy.conf(5), crypt.conf(5)