|
| 1 | +# Introduction |
| 2 | +It's not uncommon situation where you will need to generate a random password that you can use for any software installation or when you sign-up to any website. |
| 3 | + |
| 4 | +There are a lot of options in order to achieve this. You can use a password manager/vault where you often have the option to randomly generate a password or to use a website that can generate the password on your behalf. |
| 5 | + |
| 6 | +You can also use Bash in your terminal (command-line) to generate a password that you can quickly use. There are a lot of ways to achieve that and I will make sure to cover few of them and will leave up to you to choose which option is most suitable with your needs. |
| 7 | + |
| 8 | +# Script summary |
| 9 | + |
| 10 | +Let me first do a quick summary of what our script is going to do.: |
| 11 | + |
| 12 | +1. We will have to option to choose the password characters length when the script is executed. |
| 13 | +2. We will ask the user if they want to save the password in the log file and |
| 14 | +3. If the user wants to save the password we will ask for some details about the password before the password is saved in the log file. |
| 15 | + |
| 16 | +# Prerequisites |
| 17 | + |
| 18 | +You would need a bash terminal and a text editor. You can use any text editor like vi, vim, nano or Visual Studio Code. |
| 19 | + |
| 20 | +I'm running the script locally on my Linux laptop but if you're using Windows PC you can ssh to any server of your choice and execute the script there. |
| 21 | + |
| 22 | +Although the script is pretty simple, having some basic BASH scripting knowledge will help you to better understand the script and how it's working. |
| 23 | + |
| 24 | +# Generate a random password |
| 25 | +One of the great benefits of Linux is that you can do a lot of things using different methods. When it comes to generating a random string of characters it's not different as well. |
| 26 | + |
| 27 | +You can use several commands in order to generate a random string of characters. I will cover few of them and will provide some examples. |
| 28 | + |
| 29 | +- Using the ```date``` command. |
| 30 | +The date command will output the current date and time. However we also further manipulate the output in order to use it as randomly generated password. We can hash the date using md5, sha or just run it through base64. These are few examples: |
| 31 | + |
| 32 | +``` |
| 33 | +date | md5sum |
| 34 | +94cb1cdecfed0699e2d98acd9a7b8f6d - |
| 35 | +``` |
| 36 | +using sha256sum: |
| 37 | + |
| 38 | +``` |
| 39 | +date | sha256sum |
| 40 | +30a0c6091e194c8c7785f0d7bb6e1eac9b76c0528f02213d1b6a5fbcc76ceff4 - |
| 41 | +``` |
| 42 | +using base64: |
| 43 | +``` |
| 44 | +date | base64 |
| 45 | +0YHQsSDRj9C90YMgMzAgMTk6NTE6NDggRUVUIDIwMjEK |
| 46 | +``` |
| 47 | + |
| 48 | +- We can also use openssl in order to generate pseudo-random bytes and run the output through base64. An example output will be: |
| 49 | +``` |
| 50 | +openssl rand -base64 10 |
| 51 | +9+soM9bt8mhdcw== |
| 52 | +``` |
| 53 | +Keep in mind that openssl might not be installed on your system so it's likely that you will need to install it first in order to use it. |
| 54 | + |
| 55 | +- The most preferred way is to use the pseudorandom number generator - /dev/urandom |
| 56 | +since it is intended for most cryptographic purposes. We would also need to manipulate the output using ```tr``` in order to translate it. An example command is: |
| 57 | + |
| 58 | +``` |
| 59 | +tr -cd '[:alnum:]' < /dev/urandom | fold -w10 | head -n 1 |
| 60 | +``` |
| 61 | +With this command we take the output from /dev/urandom and translate it with ```tr``` while using all letters and digits and print the desired number of characters. |
| 62 | + |
| 63 | +# The script |
| 64 | +First we begin the script with the shebang. We use it to tell the operating system which interpreter to use to parse the rest of the file. |
| 65 | +``` |
| 66 | +#!/bin/bash |
| 67 | +``` |
| 68 | +Then we can define the log file path as variable which we're going to use later in the script: |
| 69 | + |
| 70 | +``` |
| 71 | +# Log file location |
| 72 | +log_file=~/pass_log.txt |
| 73 | +``` |
| 74 | +We can also run a check if the log file exists and if not to create it in the user's home directory: |
| 75 | + |
| 76 | +``` |
| 77 | +# Check if the log file is present and if not, create it |
| 78 | +if [[ !log_file ]]; then |
| 79 | + touch ~/pass_log.txt |
| 80 | +fi |
| 81 | +``` |
| 82 | +We can then continue and ask the user for some input. In this case we would like to know how many characters the password needs to be: |
| 83 | + |
| 84 | +``` |
| 85 | +# Ask user for password length |
| 86 | +clear |
| 87 | +printf "\n" |
| 88 | +read -p "How many characters you would like the password to have? " pass_lenght |
| 89 | +printf "\n" |
| 90 | +``` |
| 91 | +Generate the password and then print it so the user can copy it. |
| 92 | +``` |
| 93 | +pass_output=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w${pass_lenght} | head -n 1) |
| 94 | +# Print the password |
| 95 | +printf "$pass_output\n" |
| 96 | +``` |
| 97 | +Ask the user if they want to save the password in the password log file: |
| 98 | +``` |
| 99 | +read -p "Would you like to save the password in the pass-log? Answer with: y or n: " log_pass |
| 100 | +``` |
| 101 | +Check if the user wants to save the password in the log. Log the file if the answer is yes else exit the script. |
| 102 | +``` |
| 103 | +if [[ ${log_pass} == n ]]; then |
| 104 | + printf "Goodbye, ${USER}!\n" |
| 105 | +exit 0 |
| 106 | +else |
| 107 | + read -p "What is this password for? " source && echo "${source} - ${pass_output}" >> ${log_file} |
| 108 | + printf "Password is saved in the pass-log. Goodbye, ${USER}!\n" |
| 109 | +``` |
| 110 | +If we want to check the log file and see if the password was saved, all we need to do is ```cat ```the file: |
| 111 | +``` |
| 112 | +cat ~/pass_log.txt |
| 113 | +``` |
| 114 | +An example output will be: |
| 115 | + |
| 116 | +``` |
| 117 | +DevDojo - VyJ3Kn7ltN |
| 118 | +``` |
| 119 | + |
| 120 | +# The full script: |
| 121 | +``` |
| 122 | +#!/bin/bash |
| 123 | +#======================================= |
| 124 | +# Password generator with login option |
| 125 | +#======================================= |
| 126 | +# Log file location |
| 127 | +log_file=~/pass_log.txt |
| 128 | +
|
| 129 | +# Check if the log file is present and if not, create it |
| 130 | +if [[ !log_file ]]; then |
| 131 | + touch ~/pass_log.txt |
| 132 | +fi |
| 133 | +
|
| 134 | +# Ask user for password length |
| 135 | +clear |
| 136 | +printf "\n" |
| 137 | +read -p "How many characters you would like the password to have? " pass_lenght |
| 138 | +printf "\n" |
| 139 | +
|
| 140 | +# This is where the magic happens! |
| 141 | +# Generate the password and cut it to the desired value provided from the user |
| 142 | +pass_output=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w${pass_lenght} | head -n 1) |
| 143 | +
|
| 144 | +# Print the password so the user can copy it |
| 145 | +printf "$pass_output\n" |
| 146 | +
|
| 147 | +#Ask user if the password needs to be saved in the log file |
| 148 | +printf "\n" |
| 149 | +read -p "Would you like to save the password in the pass-log? Answer with: y or n: " log_pass |
| 150 | +
|
| 151 | +#Ask user if the password needs to be saved in the log file |
| 152 | +printf "\n" |
| 153 | +if [[ ${log_pass} == n ]]; then |
| 154 | + printf "Goodbye, ${USER}!\n" |
| 155 | +exit 0 |
| 156 | +else |
| 157 | + read -p "What is this password for? " source && echo "${source} - ${pass_output}" >> ${log_file} |
| 158 | + printf "Password is saved in the pass-log. Goodbye, ${USER}!\n" |
| 159 | +fi |
| 160 | +``` |
| 161 | + |
| 162 | +# Conclusion |
| 163 | +This is pretty much how you can use simple bash script to generate random passwords that you can just use one time or save it in a log file. |
| 164 | + |
| 165 | +While the script is working fine, it expects that the user will provide the requested input. In order to prevent any issues you would need to do some more advance checks on the user input in order to make sure the script will continue to work fine even if the provided input does not match our needs. |
| 166 | + |
| 167 | +I will make sure to cover the more advance checks or the user input in of my next blog posts. |
| 168 | + |
| 169 | +I hope you find this useful and would like to hear what do you think about logging passwords using local scripts and if you have custom build scripts to generate and save passworss. |
| 170 | + |
| 171 | +Let me know if you face any issues with the script or if you have any recommendations as well. |
| 172 | + |
| 173 | +# Contributed by |
| 174 | +Alex Georgiev |
0 commit comments