Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: swordfish --- a password generator
Special Forums Cybersecurity swordfish --- a password generator Post 302507014 by Perderabo on Tuesday 22nd of March 2011 02:18:42 PM
Old 03-22-2011
Quote:
Originally Posted by ArcAngel
Hi,

I use your tool on Solaris 10, only i get this error.

[machine:user]$ ./swordfish
>>}###@>---- format +s +x 10
./swordfish[39]: !X0 && !X1 && !X2 && !X3 && !X4 && !Carry : bad number
password statistics are on
password expansions are on
10 passwords will be generated per template

Opps! Sorry ArcAngel, I had not noticed your report before. Better late than never I guess. Smilie There is no X4, it only goes up to X3. The fix was to remove "!X4 && " from that line. Actually, it's odd that the script ran everywhere else.

I have recently been ordered to use 12 character randomly generated passwords that meet strong complexity requirements. That is why I have dusted off this old script. I need it badly right now. Ironically, I want to to run on Solaris just like ArcAngel. I also tested it on RedHat and it broke on the latest ksh. I had to change my character slicing technique to get it work. I used to do stuff like this:
Code:
first=${x%${x#?}}

to get the first character. That breaks depening on the contents of the field. That had always been the case but it breaks more easily with today's ksh. I switched to
Code:
        first=$x
        while ((${#first} > 1 )) ; do
               first=${first%?}
        done

which works all the time and it much faster than it looks. I upgraded the help system a little, corrected spelling errors, etc. I had to reverse engineer my own code so I upgraded the comments quite a bit as well. It saved me from needed to memorize a string of garbage from a lesser password generator. I hope others can use it as well.
This User Gave Thanks to Perderabo For This Post:
smitty8
 

7 More Discussions You Might Find Interesting

1. Cybersecurity

Password Generator

I need a great Password Generator program. I looked at a few of them, but none of them seemed to be what I wanted. So I have decided to write my own. (That's the cool thing about being a programmer....I always get what I want in software :) ) Do you have any password generators that you... (13 Replies)
Discussion started by: Perderabo
13 Replies

2. UNIX for Dummies Questions & Answers

date generator

Is there a command to generate the unix date that is in theshadow file?>? (2 Replies)
Discussion started by: BG_JrAdmin
2 Replies

3. Shell Programming and Scripting

time generator

Hi experts, I'd like to generate the table/file containing: number of milliseconds elapsed since midnight till midnight. It should contain 5 columns (hours minutes seconds milliseconds): Table will have theoretically 86 400 000 rows. My question is , is there somewhere the file or source... (7 Replies)
Discussion started by: hernand
7 Replies

4. Shell Programming and Scripting

Sequence generator

Thanks Guys This really helped (5 Replies)
Discussion started by: robert89
5 Replies

5. UNIX for Beginners Questions & Answers

Password generator with user inputs

Hi, I am new to bash scripting and i wanted to make a bash script that will generate a password for a user. The user must enter his/her name and the url of the site the password is used for. And the script will generate a password with those two elements in the password. So if the url is... (0 Replies)
Discussion started by: Kvr123
0 Replies

6. Shell Programming and Scripting

Random Password generator with 2 digits and 6 characters

I am using the below to random generate a password but I need to have 2 numeric characters and 6 alphabetic chars head /dev/urandom | tr -dc A-Za-z0-9 | head -c 8 ; echo '' 6USUvqRB ------ Post updated at 04:43 PM ------ Any Help folks - Can the output be passed onto a sed command to... (9 Replies)
Discussion started by: infernalhell
9 Replies

7. Forum Support Area for Unregistered Users & Account Problems

Password sent via reset password email is 'weak' and won't allow me to change my password

I was unable to login and so used the "Forgotten Password' process. I was sent a NEWLY-PROVIDED password and a link through which my password could be changed. The NEWLY-PROVIDED password allowed me to login. Following the provided link I attempted to update my password to one of my own... (1 Reply)
Discussion started by: Rich Marton
1 Replies

LEARN ABOUT SUSE

pwgen

PWGEN(1)						      General Commands Manual							  PWGEN(1)

NAME

       pwgen - generate pronounceable passwords

SYNOPSIS

       pwgen [ OPTION ] [ pw_length ] [ num_pw ]

DESCRIPTION

       The  pwgen program generates passwords which are designed to be easily memorized by humans, while being as secure as possible.  Human-memo-
       rable passwords are never going to be as secure as completely completely random passwords.  In particular,  passwords  generated  by  pwgen
       without	the -s option should not be used in places where the password could be attacked via an off-line brute-force attack.   On the other
       hand, completely randomly generated  passwords have a tendency to be written down, and are subject to being compromised in that fashion.

       The pwgen program is designed to be used both interactively, and in shell scripts.   Hence,  its  default  behavior  differs  depending	on
       whether the standard output is a tty device or a pipe to another program.  Used interactively, pwgen will display a screenful of passwords,
       allowing the user to pick a single password, and then quickly erase the screen.	This prevents someone from being able to  "shoulder  surf"
       the user's chosen password.

       When  standard  output  (stdout)  is  not  a tty, pwgen will only generate one password, as this tends to be much more convenient for shell
       scripts, and in order to be compatible with previous versions of this program.

       In addition, for backwards compatibility reasons, when stdout is not a tty and secure password generation  mode	has  not  been	requested,
       pwgen  will  generate  less secure passwords, as if the -0A options had been passed to it on the command line.  This can be overriden using
       the -nc options.  In the future, the behavior when stdout is a tty may change, so shell scripts using pwgen should explicitly  specify  the
       -nc or -0A options.  The latter is not recommended for security reasons, since such passwords are far too easy to guess.

OPTIONS

       -0, --no-numerals
	      Don't include numbers in the generated passwords.

       -1     Print the generated passwords one per line.

       -A, --no-capitalize
	      Don't bother to include any capital letters in the generated passwords.

       -a, --alt-phonics
	      This option doesn't do anything special; it is present only for backwards compatibility.

       -B, --ambiguous
	      Don't  use  characters that could be confused by the user when printed, such as 'l' and '1', or '0' or 'O'.  This reduces the number
	      of possible passwords significantly, and as such reduces the quality of the passwords.  It may be useful	for  users  who  have  bad
	      vision, but in general use of this option is not recommended.

       -c, --capitalize
	      Include at least one capital letter in the password.  This is the default if the standard output is a tty device.

       -C     Print the generated passwords in columns.  This is the default if the standard output is a tty device.

       -N, --num-passwords=num
	      Generate num passwords.  This defaults to a screenful if passwords are printed by columns, and one password.

       -n, --numerals
	      Include at least one number in the password.  This is the default if the standard output is a tty device.

       -H, --sha1=/path/to/file[#seed]
	      Will  use  the  sha1's  hash  of given file and the optional seed to create password. It will allow you to compute the same password
	      later, if you remember the file, seed, and pwgen's options used.	ie: pwgen -H ~/your_favorite.mp3#your@email.com gives  a  list	of
	      possibles passwords for your pop3 account, and you can ask this list again and again.

	      WARNING:	The  passwords	generated  using  this option are not very random.  If you use this option, make sure the attacker can not
	      obtain a copy of the file.  Also, note that the name of the file may be easily available	from  the  ~/.history  or  ~/.bash_history
	      file.

       -h, --help
	      Print a help message.

       -s, --secure
	      Generate	completely  random,  hard-to-memorize  passwords.   These  should only be used for machine passwords, since otherwise it's
	      almost guaranteed that users will simply write the password on a piece of paper taped to the monitor...

       -v, --no-vowels
	      Generate random passwords that do not contain vowels or numbers that might be mistaken for vowels.  It provides  less  secure  pass-
	      words to allow system administrators to not have to worry with random passwords accidentally contain offensive substrings.

       -y, --symbols
	      Include at least one special character in the password.

AUTHOR

       This  version  of pwgen was written by Theodore Ts'o <tytso@alum.mit.edu>.  It is modelled after a program originally written by Brandon S.
       Allbery, and then later extensively modified by Olaf Titz,  Jim Lynch, and others.  It was rewritten from scratch by Theodore Ts'o  because
       the original program was somewhat of a hack, and thus hard to maintain, and because the licensing status of the program was unclear.

SEE ALSO

       passwd(1)

pwgen version 2.05						   January 2006 							  PWGEN(1)
All times are GMT -4. The time now is 06:36 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy