Generating Secure Passwords for your Linux Server
Having a strong password is necessary to protect our information from being accessible by others. A strong password should be difficult to be identified, guess or decrypt by the attackers.
Mostly, while entering passwords, we will be prompted to enter the upper case and lowercase letters along with numbers and special characters.
But thinking of a new password every time is very difficult and most people end up repeating the same password for every website and application they use.
This way of using the same password may seem very easy, but it puts our data and information at risk. Our important details, like card details or personal information, can become vulnerable to attackers.
To avoid the work of thinking of a new password for every application, we have many ways in Linux to create a strong password in the terminal itself.
Let us see the ways by which we can generate passwords in our Linux system.
Table of Contents
- Using OpenSSL
- Using pwgen utility
- Using GPG utility
- Using PERL script
- Using APG
- Using xkcdpass
- Using Revelation UI
1. Using OpenSSL
To create a random password in the terminal, type the following command.
openssl rand -base64 16
- rand - generates the random password.
- -base64 is used to ensure that the password format can be typed through the keyboard
- 16 represents the length of the password. We can increase the length or decrease it according to our needs.
Sometimes, the above command may not work because of the missing rand utility in some Linux systems.
To install the rand utility type the following command.
sudo apt install rand
2. Using pwgen utility
To generate a password using the pwgen utility, type the following command in the terminal.
sudo apt-get install pwgen
To get help while using pwgen, this command will do the trick.
pwgen –help
Using the following command we can generate a secure password that includes symbols.
pwgen -ys 14 1
Here, “y” tells pwgen to generate a secure password, “s” tells pwgen to include symbols in the password, “14” is the length of the password, and “1” at the end helps generate only one password.
3. Using GPG utility
GPG, short for GNU Privacy Guard utility, is a free command-line utility for both Linux and Microsoft Windows and Android systems.
Use the following command to create the password using the GPG utility.
gpg –gen-random –armor 1 16
Here, 16 represents the length of the password and it can be changed.
4. Using Perl script
Perl being a command-line utility available in Ubuntu repositories, it can be downloaded using the following command.
sudo apt-get install perl
To generate a password using the PERL script, we need to create a file for it. Let’s create a file named “passgen.pl” using the following command in the nano editor,
nano passgen.pl
Once the file is created, paste the following code there.
#!/usr/bin/perl
my @alphanumeric = ('a'..'z', 'A'..'Z', 0..9);
my $randompassword = join '', map $alphanumeric[rand @alphanumeric], 0..8;
print "$randompassword\n"
Save and exit the file. Using the shortcut Ctrl+X and entering Y does the trick.
Now, to run the Perl script in the file, use the command below
perl passgen.pl
5. Using APG
APG which stands for Automatic Password Generator is a command-line utility used for generating secure passwords in Linux systems. An advantage of using APG to generate passwords is that it produces pronounceable passwords.
To install APG on Ubuntu, first, enable the universe repository using the following command
sudo apt-get repository universe
And, now you are ready to install APG using the following command:
To install APG on Ubuntu/Debian, just type the command
sudo apt install apg
For CentOS/RHEL, to install APG utility, enable the EPEL repository,
sudo yum install epel-repository
And now type the following command to install APG in CentOS/RHEL systems,
sudo yum install apg
To install APG on Fedora, use the following command,
sudo dnf install apg
Once the APG is installed, you are now ready to run the apg command to generate strong, pronounceable passwords.
apg
In the output, we can see that APG has generated 6 passwords with the pronunciation of each word in the bracket. All passwords are pronounceable like regular words.
If you want to generate random passwords rather than pronounceable words, just type the following command
apg -a 1
To get more information on APG you can find it using the command below
man apg
6. Using xkcdpass
Xkcdpass is used to generate strong paraphrases. Rather than generating passwords with random characters, xkcdpass generates paraphrases.
To install xkcdpass in Ubuntu/Debian, just type the following command,
sudo apt install xkcdpass
To install xkcdpass in Arch Linux and its variants, use the following command,
sudo pacman -S xkcdpass
Once xkcdpass is installed, we can now run it using the following command in the terminal.
xkcdpass
In the output, we can see that there are 6 paraphrases created by default. We can change the number of paraphrases generated by using the “-n” option with the xkcdpass command like below.
xkcdpass -n 4
Now only 4 paraphrases will get created.
To know more about xkcdpass, you can use the following command
man xkcdpass
7. Using the Revelation UI Application
The above methods to create passwords are CLI based, but now we are going to use a UI application called revelation to create passwords in Linux systems.
To install the revelation application, type the following command
sudo apt-get install revelation
When prompted, enter “Y” in the terminal.
Once the application is installed. Open it and you can click on the password generator option which is under the View menu. In the dialog box, the length of the password can be given also if we need special characters in the password we can include that too from the dialog box. Click the generate button to finally generate the password.
To view the passwords, go to View-> Show Passwords. This will view the generated passwords in visual form and not in hidden(asterisk) form.
Conclusion
In the current era, where data is a valuable resource, we should be able to protect our own data from falling into the wrong hands.
Not using the same password on all websites and making each password stronger can avoid unnecessary and unexpected attacks from hackers and malicious attackers.
In this blog, we have seen different ways to generate a strong password in the terminal also in the Linux applications. Using these strong passwords will keep our valuable data safe from prying eyes.
Monitor Your Entire Application with Atatus
Atatus is a Full Stack Observability Platform that lets you review problems as if they happened in your application. Instead of guessing why errors happen or asking users for screenshots and log dumps, Atatus lets you replay the session to quickly understand what went wrong.
We offer Application Performance Monitoring, Real User Monitoring, Server Monitoring, Logs Monitoring, Synthetic Monitoring, Uptime Monitoring and API Analytics. It works perfectly with any application, regardless of framework, and has plugins.
Atatus can be beneficial to your business, which provides a comprehensive view of your application, including how it works, where performance bottlenecks exist, which users are most impacted, and which errors break your code for your frontend, backend, and infrastructure.
If you are not yet a Atatus customer, you can sign up for a 14-day free trial .
#1 Solution for Logs, Traces & Metrics
APM
Kubernetes
Logs
Synthetics
RUM
Serverless
Security
More