Lib.rs

Command line utilities
#password #hash #utils

bin+lib pwtool

pwtool, user account password tool

by ed neville

2 unstable releases

new 0.4.0 Mar 3, 2025
0.3.3 Mar 1, 2025

#1870 in Command line utilities

Download history

58 downloads per month

GPL-3.0-or-later

23KB
521 lines

pwtool

Generate passwords from random characters or words and optionally show their cryptographic hash.

The default generated password set is copy/paste friendly without extended characters that would break the default copy selection you get when double-clicking a word. They also are don't break quotation strings (quote marks, double quotes or backticks).

installing

git clone https://gitlab.com/edneville/pwtool.git
cd pwtool
cargo build --release

please or sudo

please install -m0755 -o0 -g0 target/release/pwtool /usr/local/bin/

snap

please snap install pwtool

modifiers

lowercase, uppercase, numeric and extended will set requirements on the passwords.

word lists

If you want a password generated from words rather than a mixture of letters and numbers, use the words option, which by default uses the file /usr/share/dict/words. Use wordsfile to specify a different list.

cryptographic hash

The --md5, --bcrypt, --des, --sha1, --sha256 and --sha512 options will print the cryptographic hash which can be used instead of storing the password in some systems.

The hash output can be used with useradd/usermod or .htaccess:

LINE=`pwtool --number 1 --sha256`
PW="${LINE% *}"
HASH="${LINE##* }"
USR=newuser
useradd -m -p "$HASH" -s /bin/bash $USR
echo "Password for $USR  is $PW"

Or issue a new password to an existing user with usermod:

LINE=`pwtool --number 1 --sha256`
PW=`echo "$LINE" | sed -e 's/ .*//g'`
HASH=`echo "$LINE" | sed -e 's/.* //g'`
USR=newuser
usermod -p "$HASH" $USR
echo "Password for $USR is now $PW"

format strings

With --format the variables can be used to output a custom string.

The variables (below) can be used within a --format string to output in a convenient way:

pwtool --username thingy --format "useradd -m -s /bin/bash -p '%{sha256}' %{username} # %{password}\n"

This then outputs like this:

useradd -m -s /bin/bash -p '$5$YLtTnPhYiQ891nAz$SHzSCc5vMIARxd4PYtxIOZ7mGICNsLGEGimMyFpRjE7' thingy # 8OtQUoUjV9

You can then copy/paste that around different systems where people need the same account.

Another common way is to use it for mysql setup at the same time:

pwtool --username thingy --database thing --format "grant all privileges on %{database}.* to %{username}@'%' identified with mysql_native_password as '%{mysql}';\n";
variable output
%{des} traditional crypt
%{bcrypt} BSD standard hash
%{md5} MD5 hash
%{sha1} HMAC SHA1
%{sha256} SHA256
%{sha512} SHA512
%{mysql} password in mysql_native format
%{password} cleartext password
%{username} placeholder for --username
%{database} placeholder for --database
%{postgres} postgres SCRAM-SHA-256 password

Dependencies

~6.5MB
~98K SLoC