Login or Register to Ask a Question and Join Our Community

Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

pwmake(1) [centos man page]

PWMAKE(1)						      General Commands Manual							 PWMAKE(1)

NAME

       pwmake - simple tool for generating random relatively easily pronounceable passwords

SYNOPSIS

       pwmake <entropy-bits>

DESCRIPTION

       pwmake  is  a  simple configurable tool for generating random and relatively easily pronounceable passwords. The tool allows you to specify
       the number of entropy bits that are used to generate the password.

       The entropy is pulled from /dev/urandom.

       The minimum number of bits is 56 which is usable for passwords on systems/services where brute force attacks are of very  limited  rate	of
       tries.  The 64 bits should be adequate for applications where the attacker does not have direct access to the password hash file. For situ-
       ations where the attacker might obtain the direct access to the password hash or the password is used as an encryption key 80 to  128  bits
       should be used depending on your level of paranoia.

OPTIONS

       The first and only argument is the number of bits of entropy used to generate the password.

FILES

       /etc/security/pwquality.conf - The configuration file for the libpwquality library.

RETURN CODES

       pwmake returns 0 on success, non zero on error.

SEE ALSO

       pwscore(1), pam_pwquality(8)

AUTHORS

       Tomas Mraz <tmraz@redhat.com>

Red Hat, Inc.							    10 Nov 2011 							 PWMAKE(1)

Check Out this Related Man Page

PWQUALITY.CONF(5)						File Formats Manual						 PWQUALITY.CONF(5)

NAME

       pwquality.conf - configuration for the libpwquality library

SYNOPSIS

       /etc/security/pwquality.conf

DESCRIPTION

       pwquality.conf  provides  a  way  to configure the default password quality requirements for the system passwords. This file is read by the
       libpwquality library and utilities that use this library for checking and generating passwords.

       The file has a very simple name = value format with possible comments starting with # character. The whitespace at the beginning  of  line,
       end of line, and around the = sign is ignored.

OPTIONS

       The possible options in the file are:

	   difok
	       Number of characters in the new password that must not be present in the old password. (default 5)

	   minlen
	       Minimum	acceptable  size for the new password (plus one if credits are not disabled which is the default). (See pam_pwquality(8).)
	       Cannot be set to lower value than 6. (default 9)

	   dcredit
	       The maximum credit for having digits in the new password. If less than 0 it is the minimum number of digits in  the  new  password.
	       (default 1)

	   ucredit
	       The maximum credit for having uppercase characters in the new password.	If less than 0 it is the minimum number of uppercase char-
	       acters in the new password. (default 1)

	   lcredit
	       The maximum credit for having lowercase characters in the new password.	If less than 0 it is the minimum number of lowercase char-
	       acters in the new password. (default 1)

	   ocredit
	       The maximum credit for having other characters in the new password.  If less than 0 it is the minimum number of other characters in
	       the new password. (default 1)

	   minclass
	       The minimum number of required classes of characters for the new password (digits, uppercase, lowercase, others). (default 0)

	   maxrepeat
	       The maximum number of allowed same consecutive characters in the new password.  The check is disabled if the value is  0.  (default
	       0)

	   maxsequence
	       The  maximum  length  of monotonic character sequences in the new password.  Examples of such sequence are '12345' or 'fedcb'. Note
	       that most such passwords will not pass the simplicity check unless the sequence is only a minor part of the password.  The check is
	       disabled if the value is 0. (default 0)

	   maxclassrepeat
	       The  maximum number of allowed consecutive characters of the same class in the new password.  The check is disabled if the value is
	       0. (default 0)

	   gecoscheck
	       If nonzero, check whether the words longer than 3 characters from the GECOS field of the user's passwd entry are contained  in  the
	       new password.  The check is disabled if the value is 0. (default 0)

	   badwords
	       Space  separated  list  of  words that must not be contained in the password. These are additional words to the cracklib dictionary
	       check. This setting can be also used by applications to emulate the gecos check for user accounts that are not created yet.

	   dictpath
	       Path to the cracklib dictionaries. Default is to use the cracklib default.

SEE ALSO

       pwscore(1), pwmake(1), pam_pwquality(8)

AUTHORS

       Tomas Mraz <tmraz@redhat.com>

Red Hat, Inc.							    10 Nov 2011 						 PWQUALITY.CONF(5)
Man Page