Create random passwords with OpenSSL/LibreSSL

For a quick way of generating random passwords we can use the OpenSSL utility, part of OpenSSL and LibreSSL.


As system administrators, we know we sometimes have to create passwords. It might be for ourselves, or when creating them for colleagues and customers. For an easy and quick way of generating random passwords, we can use the OpenSSL utility, part of OpenSSL and LibreSSL. This toolkit is often already installed on systems running Linux. OpenSSL has a randomize function. If we feed the output through the base64 function, the scrambled set of characters can be made more human-friendly.

Password Security with Linux /etc/shadow file

Learn the structure of the /etc/shadow file and what the fields mean. After reading, the file should be less cryptic than it was before.


Linux systems use a password file to store accounts, commonly available as /etc/passwd. For additional safety measures, a shadow copy of this file is used which includes the passwords of your users. Or actually hashed password, for maximum security. An example of a password entry in /etc/shadow may look like this: user1:$6$6Y/fI1nx$zQJj6AH9asTNfhxV7NoVgxByJyE.rVKK6tKXiOGNCfWBsrTGY7wtC6Cep6co9eVNkRFrpK6koXs1NU3AZQF8v/:16092:0:99999:7::: For proper display, let’s split this up in several fields: user1 $6$6Y/fI1nx$zQJj6AH9asTNfhxV7NoVgxByJyE.rVKK6tK 16092 0 99999 7 empty empty Field explanations Time to have a look what all these strings mean: