Login or Register to Ask a Question and Join Our Community

Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

makekey(8) [osf1 man page]

makekey(8)						      System Manager's Manual							makekey(8)

NAME

       makekey - generate encryption key

SYNOPSIS

       /usr/lbin/makekey

DESCRIPTION

       The  command  improves  the usefulness of encryption schemes depending on a key by increasing the amount of time required to search the key
       space.  It reads 10 bytes from its standard input, and writes 13 bytes on its standard output.  The output depends on the input	in  a  way
       intended to be difficult to compute (that is, to require a substantial fraction of a second).

       The  first  eight input bytes (the "input key") can be arbitrary ASCII characters.  The last two (the salt) are best chosen from the set of
       digits, uppercase and lowercase letters, the period (.), and the slash (/).  The salt characters are repeated as the first  two	characters
       of the output.  The remaining 11 output characters are chosen from the same set as the salt and constitute the "output key".

       The  transformation  performed is essentially the following: the salt is used to select one of 4096 cryptographic machines all based on the
       National Bureau of Standards DES algorithm, but modified in 4096 different ways.  Using the input key as key, a constant string is fed into
       the machine and recirculated a number of times.	The 64 bits that come out are distributed into the 66 useful key bits in the result.

       The command is intended for programs that perform encryption (for instance, Usually input and output for are pipes.

RELATED INFORMATION

       Commands:  crypt(1), ed(1), ex(1), vi(1) delim off

																	makekey(8)

Check Out this Related Man Page

PWHASH(1)						    BSD General Commands Manual 						 PWHASH(1)

NAME

     pwhash -- hashes passwords from the command line or standard input

SYNOPSIS

     pwhash [-km] [-b rounds] [-S rounds] [-s salt] [-p | string]

DESCRIPTION

     pwhash prints the encrypted form of string to the standard output.  This is mostly useful for encrypting passwords from within scripts.

     The options are as follows:

     -b rounds
	     Encrypt the string using Blowfish hashing with the specified rounds.

     -k      Run in makekey(8) compatible mode.  A single combined key (eight chars) and salt (two chars) with no intermediate space are read from
	     standard input and the DES encrypted result is written to standard output without a terminating newline.

     -m      Encrypt the string using MD5.

     -p      Prompt for a single string with echo turned off.

     -S rounds
	     Encrypt the salt with HMAC-SHA1 using the password as key and the specified rounds as a hint for the number of iterations.

     -s salt
	     Encrypt the string using DES, with the specified salt.

     If no string is specified, pwhash reads one string per line from standard input, encrypting each one with the chosen algorithm from above.
     In the event that no specific algorithm is given as a command line option, the algorithm specified in the default class in /etc/passwd.conf
     will be used.

     For MD5 and Blowfish a new random salt is automatically generated for each password.

     Specifying the string on the command line should be discouraged; using the standard input is more secure.

FILES

     /etc/passwd.conf

SEE ALSO

     crypt(3), passwd.conf(5)

BSD
								 October 16, 2009							       BSD
Man Page