NAME    [Toc]    [Back]

     encrypt - encrypt passwords from the command line  or  standard input

SYNOPSIS    [Toc]    [Back]

     encrypt  [-k]  [-b  rounds]  [-c class] [-m] [-s salt] [-p |
string]
     makekey

DESCRIPTION    [Toc]    [Back]

     encrypt prints the encrypted form of string to the  standard
output.  This
     is  mostly  useful  for  encrypting  passwords  from  within
scripts.

     The options are as follows:

     -k      Run in makekey compatible mode;  a  single  combined
key and salt
             are  read  from standard input and the DES encrypted
result is
             written to standard  output  without  a  terminating
newline.

     -b rounds
             Encrypt  the  string using Blowfish hashing with the
specified
             rounds.

     -c class
             Use the cipher type specified in the given user  login class.  See
             login.conf(5) for more information.

     -m      Encrypt the string using MD5.

     -p      Prompt for a single string with echo turned off.

     -s salt
             Encrypt  the  string  using  DES, with the specified
salt.

     If no string is specified, encrypt reads one string per line
from standard
  input,  encrypting  each one with the chosen algorithm
from above.  In
     the case where no specific algorithm or specific user  login
class was
     given  as  a command line option, the algorithm specified in
the default
     class in /etc/login.conf will be used.

     For MD5 and Blowfish, a new  random  salt  is  automatically
generated for
     each password.

     Specifying the string on the command line should be discouraged; using
     the standard input is more secure.

FILES    [Toc]    [Back]

     /etc/login.conf

SEE ALSO    [Toc]    [Back]

     crypt(3), login.conf(5)

HISTORY    [Toc]    [Back]

     encrypt first appeared in OpenBSD 1.2.

     A makekey command appeared in Version 7 AT&T UNIX.

OpenBSD      3.6                           May      18,      1999