While reevaluating my security practices, I came to the conclusion that my password system is a mess. For obvious reasons, I won’t talk about it much, but I realized that having a handy password generator would be a good idea. After searching for a few minutes for hints and solutions, I came up with two methods that work out of the box on an OpenBSD machine, without needing any package beyond the default base system.
Here’s the first one:
dd if=/dev/urandom count=200 bs=1 2>/dev/null|tr "\n" " "|sed 's/[^a-zA-Z0-9]//g'|cut -c-16
It’s a little cryptic for a newbie (due to sed), but what you have to remember is that it generates passwords with a length of 16 characters, and changing the number in the last argument (cut -c-16) changes the password length. It reads its random bytes from the /dev/urandom device, so it should be safe enough.
The second method uses OpenSSL:
openssl rand -base64 16
Careful: with this command the last two characters are always “==”. The argument is the number of random bytes, not the number of output characters, and 16 bytes encode to 24 base64 characters, the last two of which are padding. You can get rid of the padding by adjusting the length: a byte count that is a multiple of 3 produces none.
Now, you can use any of these commands to get a pretty secure password. But to increase the randomness of it, I use a bash script that generates two strings, one with each method, and I’ve placed a special character between them (it can be “@”, “#”, “$”, “%”, anything you like).
Here’s my script:
# 6 random bytes encode to 8 base64 characters, so trim part1 to 6
part1=`openssl rand -base64 6|cut -c-6`
part2=`dd if=/dev/urandom count=200 bs=1 2>/dev/null|tr "\n" " "|sed 's/[^a-zA-Z0-9]//g'|cut -c-9`
echo "${part1}%${part2}"
You can easily tweak the length of each of the two strings and the special character between them. The example above gives you a 16-character (6+1+9) password, with the “%” character between the two strings.
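The /dev/urandom pipeline above reads a fixed 200 bytes and keeps whatever survives the filter, so the output length is not strictly guaranteed. The following is an added example, not part of the original post: it loops until it has the requested number of characters and estimates the resulting entropy. The function names genpw and entropy_bits are hypothetical, and it assumes LC_ALL=C so that tr treats the random input as plain bytes.

```sh
#!/bin/sh
# Added example, not the author's script. genpw and entropy_bits are
# hypothetical names chosen for this illustration.

# genpw LEN: print exactly LEN characters drawn from [a-zA-Z0-9].
genpw() {
    len=${1:-16}
    case $len in
        ''|*[!0-9]*|0*)
            echo "genpw: length must be a positive integer" >&2
            return 1 ;;
    esac
    out=
    # Only 62 of 256 byte values (about 24%) survive the filter, so read
    # 8 random bytes per requested character. Loop in case a pass still
    # comes up short, so the result is never shorter than LEN.
    while [ "${#out}" -lt "$len" ]; do
        chunk=$(dd if=/dev/urandom bs=1 count=$((len * 8)) 2>/dev/null |
                LC_ALL=C tr -dc 'a-zA-Z0-9')
        out=$out$chunk
    done
    printf '%s\n' "$out" | cut -c-"$len"
}

# entropy_bits LEN: whole bits of entropy in LEN characters chosen
# uniformly from the 62-symbol alphabet, i.e. LEN * log2(62), truncated.
entropy_bits() {
    awk -v n="$1" 'BEGIN { printf "%d\n", n * log(62) / log(2) }'
}

genpw 16
```
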