If you’re looking to generate the
/etc/shadow hash for a password for a Linux user (for instance: to use in a Puppet manifest), you can easily generate one at the command line.
$ openssl passwd -1 Password: Verifying - Password: $1$3JUKmV3R$vZVeb51f1t6QZUecwuRHX0
If you want to pass along a salt to your password;
$ openssl passwd -1 -salt yoursalt Password: $1$yoursalt$5WA5NN0quMJ62v5LCu8kj1
The above examples all prompt your password, so it won’t be visible in the
history of the server or in the process listing. If you want to directly pass the password as a parameter, use one of these examples.
$ openssl passwd -1 Password: Verifying - Password: $1$rr7ygbpo$v.zYy4J3/B73NF/qsrDZJ0 $ echo 'joske' | openssl passwd -1 -stdin $1$8HOL7Lpu$wYO7x5kUDw39GfQaVqelP/
By default, this will use an
md5 algoritme for your password hash. The
openssl tool only allows for those
md5 hashes, so if you’re looking for a more secure
sha256 hash you can use this python script as shared by Red Hat.
$ python -c "import crypt; print crypt.crypt('joske')" $6$0LNgXS95nJv2B6hm$BRNf00hyT5xGNRnsLSSn3xDPXIs6l34g2kpex4mh0w/fvGz4MYs02qWjVU5NrbVktoNVNRsHU6MUTUua4J5nO0
There you go!