|
|||
Generating passwords with jot(1)
The EXAMPLES section of jot(1) shows how to generate random passwords:
Code:
Generate 20 random 8-letter strings (note that the character `{' comes after the character `z' in the ASCII character set): $ jot -r -c 160 a { | rs -g0 0 8 Code:
$ jot -r -c 160 a { | rs -g0 0 8 hyoxlfjd wbaesvin gsqyqddi fdbgemht dbhcbcgv mxqhiowu peeehzgb rzsfxrhl wovotepg wxjboxxb olppczdn ihluusoj wnomxtmp pcrwqqrk svsnhouz srcbyhyt tyezavfb zkncnbmw lfwhlbfl lffkrnhu In the jot command jot -r -c 160 a {, the 'a }' specify a range in the ASCII character set. From ascii(7): Code:
The hexadecimal set: 00 nul 01 soh 02 stx 03 etx 04 eot 05 enq 06 ack 07 bel 08 bs 09 ht 0a nl 0b vt 0c np 0d cr 0e so 0f si 10 dle 11 dc1 12 dc2 13 dc3 14 dc4 15 nak 16 syn 17 etb 18 can 19 em 1a sub 1b esc 1c fs 1d gs 1e rs 1f us 20 sp 21 ! 22 " 23 # 24 $ 25 % 26 & 27 ' 28 ( 29 ) 2a * 2b + 2c , 2d - 2e . 2f / 30 0 31 1 32 2 33 3 34 4 35 5 36 6 37 7 38 8 39 9 3a : 3b ; 3c < 3d = 3e > 3f ? 40 @ 41 A 42 B 43 C 44 D 45 E 46 F 47 G 48 H 49 I 4a J 4b K 4c L 4d M 4e N 4f O 50 P 51 Q 52 R 53 S 54 T 55 U 56 V 57 W 58 X 59 Y 5a Z 5b [ 5c \ 5d ] 5e ^ 5f _ 60 ` 61 a 62 b 63 c 64 d 65 e 66 f 67 g 68 h 69 i 6a j 6b k 6c l 6d m 6e n 6f o 70 p 71 q 72 r 73 s 74 t 75 u 76 v 77 w 78 x 79 y 7a z 7b { 7c | 7d } 7e ~ 7f del To include the uppercase characters starting at 41 we simply replace the lower case 'a' with it's uppercase cousin Code:
jot -r -c 160 A { | rs -g0 0 8 ^iz]KHzZ it[Mf^nL palwGVSH mbicqSVv AxebFSNA nvfUhgqM haBaREHM bHi^FK]g [Pw[KLyS Ac\PzxFX GpXZgmNb vx_^\]QJ mkFEZWTe PojZjt`] hWjAtj^h EwI[bPij JCl]k\DA o^BeO\XP JzPY\oHT co[pp[Pe Code:
$ jot -r -c 160 ! { | rs -g0 0 8 EpE-:?5b G6SY"]pW >hI'D.!Y 2QpeTSNo )K(7![%^ KA^N7j!? <_)>8y[m //N:M>dU u*#!m.+E *'4mZ2gF T6lzpXVY YhJKJ'%k xI0!*!/W j!O-b3)n 907panXg HpPwh"7H HoK:i3>a ,`v_9mh^ NX!:7Lk? Code:
$ jot -r -c 300 ! { | rs 0 12 & B w 7 + - l $ Z ( ( M . > > u 7 a a $ s 4 7 V = / x i v O > * H [ T V % - 5 [ x * 8 3 f f " * o , u " o N r _ : z b @ $ I F w * . V I S & ( O * X 8 1 = r ; 4 ` p 7 F m l / ^ @ 6 _ B i S - w ( ^ @ 8 M D h p " x ; G B s a x F & b 1 h ! G j X . M ) + 2 4 ) t 7 ? [ c 3 o f % ] P \ d p 8 Y K = N x y z 9 Q h m U 6 9 8 K N O V p & 3 [ F ! 4 - A ; / P O \ 9 ! f Z " j K 3 G b @ F ! - A L $ * g j U & 9 p % j U U + 7 ? Z @ J G X V A 4 F ^ = ( > g E S ) q y & 2 # p l o - & V a 3 " m 7 = 5 E D m > 7 ( ; C # H 3 ? v l + Y E C = ` K X = F U g D D d j ^ g k 7 n z A N A p k k u ( ] @ x 0 9 i D R Z g $ J z N For 10 passwords of 15 characters long: Code:
$ jot -r -c 150 ! { | rs 0 15 D $ A v [ = A T @ d * ; / B ( c 8 s g ` ) n 5 D 5 ? W k K o 5 $ g I O U o J V M n > Y j , 3 @ j r ' T R 6 2 6 t B t T Y y _ . F [ T 4 J k U + x # m l ` l k ^ L L , d u o L Y ^ I U > w ! % M k 9 C q z ( I _ e V b i > Z 4 E P ! 4 D g $ 5 K i : y C . % p 0 2 I U h _ A B [ @ U f T \ 0 c = _ > x q ^ R m
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump Last edited by J65nko; 3rd March 2009 at 09:15 PM. Reason: typo |
|
|||
It is also possible to specify the character range using numbers. This has the advantage that we can include the '~' (tilde). The shell normally expands '~' , to the home directory of the user.
Another reason for using number is the following: The jot(1) page states: Quote:
Code:
$ jot -r -c 100000 33.5 126.5 | sort | uniq -c 563 ! 1046 " 1104 # 1124 $ 1084 % 1056 & 1089 ' 1083 ( 1104 ) 1086 * 1052 + 1056 , 1092 - 1066 . 1049 / 1099 0 1128 1 1074 2 1092 3 1096 4 1072 5 1035 6 1123 7 1033 8 1061 9 1078 : 1109 ; 1164 < 1079 = 1064 > 1092 ? 1051 @ 1057 A 1083 B 1070 C 1093 D 1041 E 1041 F 1053 G 1039 H 1154 I 1042 J 1035 K 1082 L 1086 M 1068 N 1057 O 1069 P 1109 Q 1064 R 1049 S 1046 T 1084 U 1043 V 1050 W 1067 X 1134 Y 1047 Z 1067 [ 1044 \ 1058 ] 1036 ^ 1045 _ 1096 ` 1049 a 1041 b 1073 c 1025 d 1052 e 1121 f 1097 g 1116 h 1106 i 1090 j 1049 k 1055 l 1093 m 1050 n 1135 o 1079 p 1122 q 1083 r 1063 s 1098 t 1063 u 1042 v 1093 w 1099 x 1047 y 1066 z 1072 { 1130 | 1094 } 484 ~ A small modification improves the frequency of the "!' and '~': Code:
$ jot -r -c 100000 33.01 126.99 | sort | uniq -c 1101 ! 1072 " 1023 # 1063 $ 1098 % 1063 & 1054 ' 1062 ( 1115 ) 1093 * 1049 + 1121 , 1036 - 1085 . 1094 / 1067 0 1045 1 989 2 1061 3 1012 4 1050 5 1013 6 1119 7 1059 8 1021 9 1086 : 1094 ; 1020 < 1101 = 1060 > 1039 ? 1018 @ 1060 A 1046 B 1091 C 1091 D 1077 E 1039 F 1001 G 1055 H 1059 I 1039 J 1062 K 1137 L 1066 M 1063 N 1055 O 1036 P 1124 Q 1070 R 1055 S 1039 T 1076 U 1056 V 1075 W 1073 X 1092 Y 1103 Z 1069 [ 1097 \ 1136 ] 1106 ^ 1110 _ 1011 ` 1055 a 1072 b 1095 c 1036 d 1086 e 1090 f 1023 g 1007 h 1085 i 1012 j 1040 k 1056 l 1067 m 1000 n 1011 o 1063 p 1054 q 1047 r 1110 s 1074 t 1043 u 1059 v 1114 w 1088 x 1050 y 1061 z 1067 { 1049 | 1084 } 1050 ~ Code:
$ jot -r -c 300 33.01 126.99 | rs 0 12 9 U / ~ i 6 v = S @ i L O N E s T ~ ) 8 9 & \ [ < \ 8 r B Q x N ^ W 3 r n ; t H ( k 0 N C k T R r w * k X p ~ H B Z 4 ' z z h m t i < ^ 5 q N U ) l t I ) j y c , s T \ z + j | 6 7 ! C F [ c b ^ w ] 4 a C ` _ l 3 J ~ ; o = > J m 7 n O U w k 8 r $ & N N Q W S M J P g a 9 & { v m C > S { R y d x 0 \ O c % J E M V m z L M " 5 & . G ' q 5 f 2 U h ' r U J 5 r 7 ~ E c " " ' e 3 T _ p h I < 9 ? ' _ v r | } [ @ @ r % M 2 _ 3 - l < e ^ y $ P y ; Q ! Y W v { c 6 G % E n @ ! e O M N J @ M d c d G s ? & v | z { a @ q D . E x + Z _ - + a u ! R 3 u o 9 x = U ~ 7 / * k ? ; T $ $ 0 > 7 S ` > P N h M ` U w A p
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump |
|
|||
Thanks, that's a nifty little utility(ies). So many utilities I never knew I already had!
Is there a way to have non-continuous character ranges? I just recently ran into the situation of a system that only allowed strict alpha-numeric password sequences (no symbols allowed). Is there a way to pass only that range of 0-9; a-z; A-Z?
__________________
And the WORD was made flesh, and dwelt among us. (John 1:14) |
|
|||
No, jot only handles 1 single range. But with a simple script that is not too difficult to do.
The nr2char.sh script uses an array $c[..] to map numbers in the range 1 to 62 to the 10 digits, 0-9 and the upper and lower case alpabetic characters. NOTE: arrays are not a feature of the standard sh. Both the Korn shell, and recent versions of bash support arrays. I used OpenBSD's standard ksh (a free version of the Korn shell). Code:
#!/bin/ksh c[1]=0 c[2]=1 c[3]=2 c[4]=3 c[5]=4 c[6]=5 c[7]=6 c[8]=7 c[9]=8 c[10]=9 c[11]=A c[12]=B c[13]=C c[14]=D c[15]=E c[16]=F c[17]=G c[18]=H c[19]=I c[20]=J c[21]=K c[22]=L c[23]=M c[24]=N c[25]=O c[26]=P c[27]=Q c[28]=R c[29]=S c[30]=T c[31]=U c[32]=V c[33]=W c[34]=X c[35]=Y c[36]=Z c[37]=a c[38]=b c[39]=c c[40]=d c[41]=e c[42]=f c[43]=g c[44]=h c[45]=i c[46]=j c[47]=k c[48]=l c[49]=m c[50]=n c[51]=o c[52]=p c[53]=q c[54]=r c[55]=s c[56]=t c[57]=u c[58]=v c[59]=w c[60]=x c[61]=y c[62]=z while read NUM ; do echo ${c[$NUM]} done Code:
$ echo 62 | nr2char.sh z The final processing is done by 'rs(1)' to produce human friendlier output Code:
$ jot -w %d -r 200 1.02 62.99 | nr2char.sh | rs 0 10 t 1 L e R p k 2 u V y 8 C P t V m t c i m d 0 M K f C 5 p 7 U j K h v O H A A f j 9 V J I V c m S q u z U 8 o o v p g I m S f J h w p 4 S h r s Q z P 7 l N C 5 o 4 Z T i k 6 p b O 0 y 5 Q Q H 0 H C K V A H u e 1 y D T L l y 5 Q d S T y d k o f O 5 y E X 4 Y b J Z M F a B M C U v U v y U v v F 5 k 5 2 c 8 x L B m F Y X n r D w d G 3 r 6 L n g Q 9 U H c e F 9 I x F e 7 c Q 4 8 9 V 4 B b J J 6 9 p M Code:
$ jot -w %d -r 62000 1.02 62.99 | sort -n | uniq -c 958 1 1016 2 934 3 957 4 1010 5 976 6 992 7 1020 8 1025 9 998 10 1033 11 969 12 999 13 982 14 1040 15 977 16 1023 17 1000 18 1035 19 936 20 1000 21 976 22 966 23 971 24 1014 25 995 26 1021 27 1083 28 994 29 1041 30 1009 31 1005 32 1004 33 1003 34 1069 35 1070 36 997 37 991 38 979 39 993 40 1005 41 974 42 1015 43 1026 44 1030 45 1020 46 962 47 993 48 999 49 971 50 1011 51 991 52 1006 53 1013 54 983 55 968 56 1038 57 985 58 970 59 993 60 969 61 1017 62 Of course real freaks would do a chi square test to make sure these numbers are random. Any volunteers? IIRC Knuth provided such a test in his "Seminumerical Algorithms (Vol II)" The initialization of the array c[i] of the nr2char.sh script was generated by the following script Code:
$ cat generate.sh TEMP=all_chars jot -c 10 48 57 >$TEMP jot -c 26 A Z >>$TEMP jot -c 26 a z >>$TEMP cat -n $TEMP | sed -e 's/^ *//' -e 's/^/c[/' -e 's/ /]=/'
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump |
|
|||
Generating some 64 characters long ASCII keys for my Netgear wireless AP and Bridge
Code:
$ jot -r -c 1024 33.01 126.99 | rs -g0 16 64 >=*LhQs8_&Z1F}7.K{P:)pf2g]{"dMl.w]o7UB(+TFlCk=D9e:2k#f'Xw{"cx%R3 UCt14WCBsA,[n*W<^+|kXb!uQUYGGm*=q*Gy6_{S83(<KJA#;Fo@[9SvW;l#JWI3 si'zFUJP93jZ4x5v=5|[0(\qX#Mrivj^w5l3$~bF'C24@M-{`bI)nB@RTwNoqb#W jqOpu.4p-X*CwQ70srv,Z{SNc;73H;qi4sE}}D_7W6tatb=7p9lLtb:n/DdwjxN@ .|1{IRhB2'fM_h='`G(4zTl|HD!_biq1p#e^%GG[z_QjmndNNFNBa.uupw-B_>-| %UChL\K5+[be\$R;TG=s+VX@GMbikujA;z|,mJE\d6uPu>Y''8{lp:4$/s*O_DTp *[#83Ny3:8sja[3fjYwSO3vS}!;=N1{,)NQ#o[iKiEOJ#40&4()jRS.IAP8:3FwL P/qi4;%Z\a'8Ff>ga.&L]5=;9ahO5g8g/34WvF^SNG/<`#UM{VDa#C_,"?rsdBG: S"W_de*&xnk#}L*d{xDP$\8`LYBU9?!;/w4n"si0#-a"9H.kC7&*UP2jD._hnvcc uC&\8DIcdo)9C++qx#1/e:<^HQn>8p`{$*h}+Eu0MK+&qqM<"`Cxr1>95Qh$cu,9 &~]nZ58&+t-9,,Lzjh~ys$&mw^0"@Vt7T"|_znTL8u50$Gb5M8X*rSJIRT|-G"bh z4p'KcfxsKk*U6.GR\;___":[<g;"k|:4|Gmempa7bk(]"{f(2En[|(-'\@=_A~_ k`~@E2_Kwzh3\%.2zc$9ylKJ7zz_=xFsd%]ROyS,_jf9hMR|,FMH{;svswa+;VL' *<RoLjF32"UR?&GLEY"c3z.`=+7=j_`N|OIA`7<YrYp8]GS{4V?UP)Kj<9>KEkMy b~<AVEFcapu8uWGa+z}e$A{?<_7_6IZ_T9/[x<S9ypJ4qU&K1-SUII_QE!j'tpdJ n@lz](+ef5)1bYDw-Y8_jt)bIy4V9pj5o<SV5rulXPP9nSgI:vq:m'P}uZM]G6z^ Code:
$ jot -r -c 1024 33.01 126.99 | rs 16 64 N L / ` , S _ B m @ J F j : y 4 0 f % $ = 8 \ ? M a S : 6 l M 4 s ' _ 8 G 3 " b _ 2 . J _ p O " 2 ( ; | & ` W z l E B * G V L % " P E U U ' C ; ` L k $ = [ W | P k G T ( e u e g 8 ~ [ v e \ & ' K m ~ 4 n n 3 6 E = h y . [ J + N | 0 _ y / [ A r ( + T 4 A Z w M ~ 8 U * 7 [ _ H D % c p # # B _ R L b = 6 F [ % " N 0 W T " _ J o - 7 @ D ` X X Y " x P v a 2 = ! ? t o 1 6 = - y ~ E p @ 8 $ ` q A W A b \ P \ A D Y , 2 W L W u Y ) o y $ 9 = f G I } i I # % b * B ? N U 7 0 Z & Y t ; ; s 2 G T O I C ; + 6 : 7 q Y h _ V < " s T ? 4 S g x ] K | Y ) } @ * V F $ T n , ? < { J Y C Y ; e V m U + h b n w f ~ E ) s $ P - g a 7 ( U A r ( ] 8 u T @ c | $ B + [ 5 y I W W C $ 9 l X e , p i D 6 * G D W P r M X o e S r 7 P \ Z . W r Z G e r @ k 1 8 F v % % } y C 8 ? ] j ' c $ " g c { o w I S : J f ^ d ~ f Y : 7 ` E 0 ) % L j C h R d 2 * 0 o / ` R _ ' \ y T * " P | W v _ O ) ` 4 " # 4 & \ " [ n - q ! P P + [ G ^ h = 5 M + V k R Q x o \ K x e " @ d 0 u F B M T # i I s 0 % y ` I y 7 m | % Z - $ W : W , b 1 6 Y B j 4 S k x E R R S A 2 H l 8 T | g q r v * O N K v @ o x Z 4 8 [ { E $ F X 5 6 > q Q ^ h L Y % % 3 b 2 f [ % / u O ) c ` P 2 * t x 6 a ^ < _ 2 i @ / K u . f 8 y / $ N U / Z . B U Y P 0 X C B $ X A = G 3 U l X Y / P # % ? b g " ' G 4 + # _ 6 z m , h q F @ ' ] M N o 2 B + [ J { l f . t u / 9 [ & 3 K . m h . : [ J \ / ? o @ y q + S , h x 3 9 j ! 9 ` " [ c k n V v g , F ~ 7 % 0 k 3 ` y d % S _ : x 8 S v > n ' k N h 7 m b # n L { C # g ~ i ~ U Q 5 m W a X d 0 " 1 y f 5 Y g o c 6 v X P D o l / z A = A Z & L P v ; m P % & [ M " 4 S s ? : . , i 5 o [ : 8 _ g Z p * C + * _ s = 6 ' M Q U s D 4 _ Q . X | T # S A k N l ? % R M D B . + d 8 ! Q 6 Z n a ) I ; a t s 3 P m I 6 Y l I " i D S c & < \ ; > C ` u - b r l 1 y ~ = O B - X [ Z 3 2 n } N G t R r ` } Q & { J , 9 j ! 0 Q P Y n H 6 P F 8 R : B - h b 2 & V W _ L w D M i } a O D = r ` Q g k X 0 f 9 g v | r p 1 s - y - V ` q R ; Y e P 6 $ $ j 3 6 < 4 G { - x / a K \ K j { y L ) Q 3 h B ` b 1 A L + I B / Z U 7 M c Y g E P K x J ~ w D 4 2 5 $ E ) g h ^ z u 1 | 6 6 / t N ? F ~ % J B y % d Q x A A j O
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump |
|
|||
A script using the jot(1) approach as described in the previous posts:
Code:
#!/bin/sh TOTAL=300 # total wanted characters LEN=15 # length of password NR=$(echo "scale=2 ; ${TOTAL} / ${LEN}" | bc ) echo "$0: creating $NR passwords with ${LEN} characters" echo jot -r -c $TOTAL 33.01 126.99 | rs 0 ${LEN} | cat -n cat <<END To see the password without spaces please copy the desired password with mouse and press <ENTER> : END read PASSW echo "${PASSW}" | tr -d ' ' # -- end of file Example of usage: Code:
$ ./password-generator ./password-generator: creating 20.00 passwords with 15 characters 1 2 # G # T / { ] V ] 8 O O S @ 2 6 5 V e w K ) = & | ^ } F e ` 3 \ 2 U 3 G ; D o X n Q / f . 4 4 Q , 1 U e ( 8 | z e F + 8 / t 5 0 > ) x S 2 - < ` X y [ { _ P 6 Z Z 8 b # x [ ) | * ! l J } c 7 x f A O D y E . = r U D q z k 8 Y Q _ Z T H M m : ^ T = } ~ t 9 @ T O & C ' Y z ; & U < ? w i 10 o } p i | o o ! g t _ [ A g ^ 11 # ' f " q A K 7 % A 6 G K 7 p 12 O U t + P ~ ) ~ @ ' q L ? { J 13 7 Q ' W ( % _ { b Z z D f $ s 14 e d R & N _ O s C P Z Z [ 9 " 15 P J { v N 3 / a b { F k Z : O 16 4 g , @ = J 4 R B D @ u C ^ : 17 w h x R % D * ) P M \ : b 9 Q 18 r $ e u c { A ) P t E x j } { 19 8 ! ) I b + q + i 8 j 5 8 L ^ 20 " g V r ' 8 8 Z j ` J t 6 v = To see the password without spaces please copy the desired password with mouse and press <ENTER> : P J { v N 3 / a b { F k Z : O PJ{vN3/ab{FkZ:O
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump |
|
|||
Some really great ideas, I must study the replies (thanks for sharing)!
Here's how I tackled the problem (but see note at end): Code:
# phonetic.awk - Michael S. Sanders 2010 # # This awk program file attempts produce phonetic passwords # (ie - passwords that are easy to remember) using vowels/consonants. # Additionally, the 1st letter of the password is capitalized and # a single digit appended to the result. These two measures will # satisfy the majority of sites that require alpha/numeric/mixed # case passwords. # # Program usage requires two steps: # # - specify a number between 3 and 9 for the variable 'password_len' # # - invoke awk with the name of this file: 'awk -f phonetic.awk' # # sample output of five iterations: Yumo6, Gora5, Limo3, Wojo3, Kusa1 # BEGIN { srand(seed+0) password_len = 5 if (password_len < 3 || password_len > 9) { print "\nEnter a number 3 to 9...\n" exit } print password(password_len) } # --------------------------------------------------------------------------- function password(num, vwl, cns, tmp, bln, j) { vwl = "aeiou" # vowels cns = "bdfghjklmnprstvwy" # consonants ('nice' only no C, X) tmp = toupper(substr(cns, rnum(1, 17), 1)) for (j = 2; j <= num-1; j++) { if (! bln) { tmp = tmp substr(vwl, rnum(1, 5), 1); bln = 1 } else { tmp = tmp substr(cns, rnum(1, 17), 1); bln = 0 } } return tmp rnum(0, 9) } # --------------------------------------------------------------------------- function rnum(low, hi, x, y, z) { x = rand() y = (hi - low) + 1 z = int((x * y) + low) return z } # eof
__________________
www.tacoshack.xyz |
|
|||
http://awk.info/?tip/random has some methods to use a different seed for each run.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump |
|
|||
Thanks for the help J65nko, appreciate it. Script does run fine in gawk in fact, its plain ol' awk that's being stubborn...
__________________
www.tacoshack.xyz |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
See what process is generating DNS traffic? | Bruco | FreeBSD General | 3 | 2nd July 2009 05:57 PM |
Questions about encrypt local passwords | aleunix | OpenBSD Security | 4 | 2nd June 2008 02:07 PM |
Generating random passwords on FreeBSD | erno | Guides | 3 | 8th May 2008 08:44 AM |