BASH - Generate-Password.sh: Difference between revisions

From IT-Arts.net
← Older edit
m Text replacement - "Category:Post-It" to "Category:Wiki"
m Text replacement - "Category:Wiki" to "Category:Wiki '''''[https://it-arts.net/index.php/Category:Wiki Return to Wiki Index]''''' "
 
(3 intermediate revisions by the same user not shown)
Line 1: Line 1:
[[Category:Wiki]]
[[Category:Wiki]]
'''''[https://it-arts.net/index.php/Category:Wiki Return to Wiki Index]'''''




Line 19: Line 22:
# -y, --symbols | Include at least one special character in the password.
# -y, --symbols | Include at least one special character in the password.
#
#
# $1, '-y' option or password lenght
# $1, '-y' option or password length
#
#
# $2, password lenght if '-y' option is used
# $2, password length if '-y' option is used


exclude_chars="iI1oO0"


# Function to filter out excluded characters
filter_password() {
    local password=$1
    for char in $(echo $exclude_chars | sed 's/\(.\)/\1 /g'); do
        password=$(echo $password | tr -d $char)
    done
    echo $password
}


if [ $1 = "-y" ]
# Function to regenerate password until it reaches desired length
then
generate_password() {
    local length=$1
    local include_symbols=$2
    local password=""
   
    while true; do
        if [ "$include_symbols" == "yes" ]; then
            # Generate password with symbols (using -y option of pwgen)
            password=$(pwgen -N 1 -s -y $length)  # The -y option guarantees at least one symbol
        else
            # Generate password without symbols
            password=$(pwgen -N 1 $length)
        fi


pwgen -N 1 -s $1 $2
        # Apply the filter to exclude unwanted characters
        filtered_password=$(filter_password "$password")


elif [[ $1 == +([[:digit:]]) ]]
        # If the filtered password is long enough, return it
then
        if [ ${#filtered_password} -ge $length ]; then
            echo $filtered_password
            break
        fi
    done
}


pwgen -N 1 -s $1
if [ "$1" = "-y" ]; then
    # Generate password with symbols and filter unwanted characters
    password=$(generate_password "$2" "yes")
    echo "PASSWORD WITH SPECIAL CHARS : "
    echo $password
 
elif [[ "$1" =~ ^[0-9]+$ ]]; then
    # Generate password without symbols and filter unwanted characters
    password=$(generate_password "$1" "no")
    echo "PASSWORD WITHOUT SPECIAL CHARS : "
    echo $password


else
else
 
    echo "USAGE: ./this-script.sh <'-y' for symbols> <Password Length integer>"
echo "USAGE: ./this-script.sh <'-y' for symbols> <Password Lenght integer>"
 
fi
fi


exit 0</nowiki>
exit 0</nowiki>
== 'pwgen' Manpage ==
<nowiki>
PWGEN(1)                                                                                  General Commands Manual                                                                                  PWGEN(1)
NAME
      pwgen - generate pronounceable passwords
SYNOPSIS
      pwgen [ OPTION ] [ pw_length ] [ num_pw ]
DESCRIPTION
      The pwgen program generates passwords which are designed to be easily memorized by humans, while being as secure as possible.  Human-memorable passwords are never going to be as secure as completely
      completely random passwords.  In particular, passwords generated by pwgen without the -s option should not be used in places where the password could be attacked via an off-line brute-force  attack.
      On the other hand, completely randomly generated  passwords have a tendency to be written down, and are subject to being compromised in that fashion.
      The  pwgen program is designed to be used both interactively, and in shell scripts.  Hence, its default behavior differs depending on whether the standard output is a tty device or a pipe to another
      program.  Used interactively, pwgen will display a screenful of passwords, allowing the user to pick a single password, and then quickly erase the screen.  This prevents someone from being  able  to
      "shoulder surf" the user's chosen password.
      When standard output (stdout) is not a tty, pwgen will only generate one password, as this tends to be much more convenient for shell scripts, and in order to be compatible with previous versions of
      this program.
OPTIONS
      -0, --no-numerals
              Don't include numbers in the generated passwords.
      -1    Print the generated passwords one per line.
      -A, --no-capitalize
              Don't bother to include any capital letters in the generated passwords.
      -a, --alt-phonics
              This option doesn't do anything special; it is present only for backwards compatibility.
      -B, --ambiguous
              Don't use characters that could be confused by the user when printed, such as 'l' and '1', or '0' or 'O'.  This reduces the number of possible passwords significantly, and as such reduces the
              quality of the passwords.  It may be useful for users who have bad vision, but in general use of this option is not recommended.
      -c, --capitalize
              Include at least one capital letter in the password.  This is the default if the standard output is a tty device.
      -C    Print the generated passwords in columns.  This is the default if the standard output is a tty device.
      -N, --num-passwords=num
              Generate num passwords.  This defaults to a screenful if passwords are printed by columns, and one password otherwise.
      -n, --numerals
              Include at least one number in the password.  This is the default if the standard output is a tty device.
      -H, --sha1=/path/to/file[#seed]
              Will  use  the  sha1's  hash  of given file and the optional seed to create password. It will allow you to compute the same password later, if you remember the file, seed, and pwgen's options
              used.  ie: pwgen -H ~/your_favorite.mp3#your@email.com gives a list of possibles passwords for your pop3 account, and you can ask this list again and again.
              WARNING: The passwords generated using this option are not very random.  If you use this option, make sure the attacker can not obtain a copy of the file.  Also, note that  the  name  of  the
              file may be easily available from the ~/.history or ~/.bash_history file.
      -h, --help
              Print a help message.
      -r chars, --remove-chars=chars
              Don't use the specified characters in password.  This option will disable the phomeme-based generator and uses the random password generator.
      -s, --secure
              Generate completely random, hard-to-memorize passwords.  These should only be used for machine passwords, since otherwise it's almost guaranteed that users will simply write the password on a
              piece of paper taped to the monitor...
      -v, --no-vowels
              Generate random passwords that do not contain vowels or numbers that might be mistaken for vowels.  It provides less secure passwords to allow system administrators to not have to worry  with
              random passwords accidentally contain offensive substrings.
      -y, --symbols
              Include at least one special character in the password.
AUTHOR
      This  version  of pwgen was written by Theodore Ts'o <tytso@alum.mit.edu>.  It is modelled after a program originally written by Brandon S. Allbery, and then later extensively modified by Olaf Titz,
      Jim Lynch, and others.  It was rewritten from scratch by Theodore Ts'o because the original program was somewhat of a hack, and thus hard to maintain, and because the licensing status of the program
      was unclear.
SEE ALSO
      passwd(1)
pwgen version 2.08                                                                              August 2017                                                                                        PWGEN(1)
</nowiki>


== Source ==
== Source ==
Line 151: Line 98:
  Uppercase letters and digits are placed in a way that eases
  Uppercase letters and digits are placed in a way that eases
  remembering their position when memorizing only the word.</nowiki>
  remembering their position when memorizing only the word.</nowiki>


== Usefull Links ==
== Usefull Links ==

Latest revision as of 07:05, 17 January 2026


Return to Wiki Index



Script

#!/bin/bash
#
# Script based on pwgen package, where :
#
# -N, --num-passwords=num | Generate num passwords.
#
# -s, --secure | Generate completely random, hard-to-memorize passwords.
#                These should only be used for machine passwords, since otherwise 
#                it's almost guaranteed that users will simply write the password
#                on a piece of paper taped to the monitor...
#
# -y, --symbols | Include at least one special character in the password.
#
# $1, '-y' option or password length
#
# $2, password length if '-y' option is used

exclude_chars="iI1oO0"

# Function to filter out excluded characters
filter_password() {
    local password=$1
    for char in $(echo $exclude_chars | sed 's/\(.\)/\1 /g'); do
        password=$(echo $password | tr -d $char)
    done
    echo $password
}

# Function to regenerate password until it reaches desired length
generate_password() {
    local length=$1
    local include_symbols=$2
    local password=""
    
    while true; do
        if [ "$include_symbols" == "yes" ]; then
            # Generate password with symbols (using -y option of pwgen)
            password=$(pwgen -N 1 -s -y $length)  # The -y option guarantees at least one symbol
        else
            # Generate password without symbols
            password=$(pwgen -N 1 $length)
        fi

        # Apply the filter to exclude unwanted characters
        filtered_password=$(filter_password "$password")

        # If the filtered password is long enough, return it
        if [ ${#filtered_password} -ge $length ]; then
            echo $filtered_password
            break
        fi
    done
}

if [ "$1" = "-y" ]; then
    # Generate password with symbols and filter unwanted characters
    password=$(generate_password "$2" "yes")
    echo "PASSWORD WITH SPECIAL CHARS : "
    echo $password

elif [[ "$1" =~ ^[0-9]+$ ]]; then
    # Generate password without symbols and filter unwanted characters
    password=$(generate_password "$1" "no")
    echo "PASSWORD WITHOUT SPECIAL CHARS : "
    echo $password

else
    echo "USAGE: ./this-script.sh <'-y' for symbols> <Password Length integer>"
fi

exit 0

Source

This script is based on Package: 

pwgen
Version: 2.08-2
Installed-Size: 51
Maintainer: Theodore Y. Ts'o <tytso@mit.edu>
Architecture: amd64
Depends: libc6 (>= 2.14)
Description-en: Automatic Password generation
 pwgen generates random, meaningless but pronounceable passwords.
 These passwords contain either only lowercase letters, or upper
 and lower case mixed, or digits thrown in.
 Uppercase letters and digits are placed in a way that eases
 remembering their position when memorizing only the word.
Retrieved from "https://it-arts.net/index.php?title=BASH_-_Generate-Password.sh&oldid=876"