encrypt —
encrypt passwords from the command line or
standard input
| encrypt |
[-b
rounds]
[-c
class]
[-p |
string] |
encrypt prints the encrypted form of
string to the standard output. This is mostly
useful for encrypting passwords from within scripts.
The options are as follows:
-
-
- -b
rounds
- Encrypt the string using Blowfish hashing with the
specified number of rounds. May also
specify 'a' to request a variable number of rounds scaled to the machine's
CPU capabilities.
-
-
- -c
class
- Use the cipher type specified in the given user login
class. See
login.conf(5)
for more information.
-
-
- -p
- Prompt for a single string with echo turned off.
If no
string is specified,
encrypt reads one string per line from standard
input, encrypting each one. In the case where no specific algorithm or
specific user login class was given as a command line option, the algorithm
specified in the default class in
/etc/login.conf
will be used.
For Blowfish, a new random salt is automatically generated for each password.
Specifying the
string on the command line
should be discouraged; using the standard input is more secure.
- /etc/login.conf
-
crypt_newhash(3),
login.conf(5)
encrypt first appeared in
OpenBSD
1.2.
![[OpenBSD]](/openbsd.gif){kind=small}