曾国藩:一勤天下无难事

Pwgen随机生成密码

2019.02.26

安装

  • Centos 7.5的系统可以使用yum安装:

    yum install -y pwgen
    
  • Ubuntu 系统安装:

    apt-get install -y pwgen   
    

常用组合

pwgen - generate pronounceable passwords
常用命令可指定为:

pwgen -sy -1 18

参数详解

-0, --no-numerals    不要在生成的密码中包含数字。
       Don't include numbers in the generated passwords.

-1   打印生成的密码每行一个。
     Print the generated passwords one per line.

-A, --no-capitalize  不包含任何大写字母。
       Don't bother to include any capital letters in the generated passwords.

-a, --alt-phonics  此选项没有做任何特殊的,它只存在向后兼容性。
       This option doesn't do anything special; it is present only for backwards compatibility.

-B, --ambiguous  不要使用打印时可能被用户混淆的字符,如“L”和“1”或“0”或“O”.。这大大减少了可能的密码的数量,并因此降低了质量的通行证—话.对于视力不好的用户可能是有用的,但一般不推荐使用此选项.。
       Don't  use  characters  that  could be confused by the user when printed, such as 'l' and '1', or '0' or 'O'.This reduces the number of possible passwords significantly, and as such reduces the  quality  of  the  pass-words.  It may be useful for users who have bad vision, but in general use of this option is not recommended.

-c, --capitalize    在密码中至少包含一个大写字母。这是默认如果标准输出是一个tty设备。
       Include at least one capital letter in the password.  This is the default if the standard  output  is  a  tty device.

-C    在列中打印生成的密码。这是默认如果标准输出是一个tty设备。
      Print the generated passwords in columns.  This is the default if the standard output is a tty device.

-N, --num-passwords=num  生成数字密码。这个默认是全屏如果密码打印的列,和一个密码。
       Generate  num passwords.  This defaults to a screenful if passwords are printed by columns, and one password.

-n, --numerals  在密码中至少包含一个号码。这是默认如果标准输出是一个tty设备。
       Include at least one number in the password.  This is the default if the standard output is a tty device.

-H, --sha1=/path/to/file[#seed]
       将使用SHA1的散列特定文件和可选的种子创建密码。它会让你计算出相同的密码后,如果你记得文件,种子,和pwgen的选项。即:pwgen H ~ / your_favorite。MP3 # your@email.com给您的POP3帐户可能的密码列表,你可以问这个列表一次又一次。
       Will use the sha1's hash of given file and the optional seed to create password. It will allow you to compute the  same  password  later,  if  you  remember  the  file,  seed,  and  pwgen's  options  used.  ie: pwgen -H ~/your_favorite.mp3#your@email.com gives a list of possibles passwords for your pop3 account, and you can ask this list again and again.
      警告:使用此选项生成的密码不是非常随机的。如果使用此选项,请确保攻击者无法获取文件的副本.。另外,值得注意的是,该文件的名称可以很容易地从~ /可用。历史或~ / bash_history文件。
       WARNING:  The  passwords  generated using this option are not very random.  If you use this option, make sure the attacker can not obtain a copy of the file.  Also, note that the name of the file may be easily available from the ~/.history or ~/.bash_history file.

-h, --help  查看帮助消息。
       Print a help message.

-s, --secure  生成完全随机,难以记忆的密码。这些应该只用于机器密码,否则,它几乎可以保证,用户将只需写密码的一张纸条上的显示器…
       Generate  completely  random,  hard-to-memorize  passwords.  These should only be used for machine passwords, since otherwise it's almost guaranteed that users will simply write the password on a piece of paper taped to the monitor...

-v, --no-vowels  生成随机密码,不包含元音或数字,可能被误认为元音。它提供了更安全的密码支持允许系统管理员不必担心随机密码不小心包含进攻的子串。
       Generate  random  passwords that do not contain vowels or numbers that might be mistaken for vowels.  It pro- vides less secure passwords to allow system administrators to not have to worry with random  passwords  accidentally contain offensive substrings.

-y, --symbols  在密码中至少包含一个特殊字符。
       Include at least one special character in the password.