How To Generate a /etc/passwd password hash via the Command Line on Linux

Want to help support this blog? Try out Oh Dear, the best all-in-one monitoring tool for your entire website, co-founded by me (the guy that wrote this blogpost). Start with a 10-day trial, no strings attached.

We offer uptime monitoring, SSL checks, broken links checking, performance & cronjob monitoring, branded status pages & so much more. Try us out today!

Profile image of Mattias Geniar

Mattias Geniar, October 26, 2015

Follow me on Twitter as @mattiasgeniar

If you’re looking to generate the /etc/shadow hash for a password for a Linux user (for instance: to use in a Puppet manifest), you can easily generate one at the command line.

$ openssl passwd -1
Password:
Verifying - Password:
$1$3JUKmV3R$vZVeb51f1t6QZUecwuRHX0

If you want to pass along a salt to your password;

$ openssl passwd -1 -salt yoursalt
Password:
$1$yoursalt$5WA5NN0quMJ62v5LCu8kj1

The above examples all prompt your password, so it won’t be visible in the history of the server or in the process listing. If you want to directly pass the password as a parameter, use one of these examples.

$ openssl passwd -1
Password:
Verifying - Password:
$1$rr7ygbpo$v.zYy4J3/B73NF/qsrDZJ0

$ echo 'joske' | openssl passwd -1 -stdin
$1$8HOL7Lpu$wYO7x5kUDw39GfQaVqelP/

By default, this will use an md5 algoritme for your password hash. The openssl tool only allows for those md5 hashes, so if you’re looking for a more secure sha256 hash you can use this python script as shared by Red Hat.

$ python -c "import crypt; print crypt.crypt('joske')"
$6$0LNgXS95nJv2B6hm$BRNf00hyT5xGNRnsLSSn3xDPXIs6l34g2kpex4mh0w/fvGz4MYs02qWjVU5NrbVktoNVNRsHU6MUTUua4J5nO0

There you go!



Want to subscribe to the cron.weekly newsletter?

I write a weekly-ish newsletter on Linux, open source & webdevelopment called cron.weekly.

It features the latest news, guides & tutorials and new open source projects. You can sign up via email below.

No spam. Just some good, practical Linux & open source content.