pwhash - generate password hashes
pwhash [ -a <hashalgorithm> | -s <salt>] [ -u <user> ]
If input is redirected from stdin then that is used instead. The password is only required once on stdin. When reading from stdin, if the last character is a newline, it is discarded.
The following options are supported:
Specifies a preference for the algorithm. If the algorithm is not allowed or does not exist, an error is shown.
The values are as per the key in crypt.conf(5). For example, __unix__, 1, md5, 2a, 5, and 6.
If the user is not found then an error is returned and no hash is generated.
Displays the usage message.
The following example generates a SHA256 based hash typing in the password.
$ pwhash -a 5 Password: Re-enter Password: $5$DA/w/BgH$cB394/iYqj6pk/J6W0smfmKsGrYSGeWUvHsIMnUaZh.Example 2 Generating a Hash Using the System Default Algorithm Using stdin
The following example generates a hash by using the system default algorithm using stdin.
$ pwhash <<EOM Ap@ssW0rdOnStdIN EOM $5$abaev.V6$9uyBXruzgbZn/OhqtIbvrjHpuoyDFbkQkJ47pdZA/JCExample 3 Generating a Hash Using an Existing Salt Specification
The following example generates a hash by using an existing salt specification.
$ pwhash -s '$5$abaev.V6$' Password: Re-enter Password: $5$abaev.V6$0pPY.0X/4tsis67eCsMdJ63NO9cfHKokKvjtTOQ80jAExample 4 Attempting to Generate a Hash Using a Deprecated Algorithm
The following example attempts to generate a hash by using a deprecated algorithm
$ pwhash -a __unix__ Requested algorithm not allowed by current crypt policy, see policy.conf(5).
See attributes(7) for descriptions of the following attributes: