pwhash(1) [netbsd man page]

PWHASH(1)						    BSD General Commands Manual 						 PWHASH(1)

NAME

     pwhash -- hashes passwords from the command line or standard input

SYNOPSIS

     pwhash [-km] [-b rounds] [-S rounds] [-s salt] [-p | string]

DESCRIPTION

     pwhash prints the encrypted form of string to the standard output.  This is mostly useful for encrypting passwords from within scripts.

     The options are as follows:

     -b rounds
	     Encrypt the string using Blowfish hashing with the specified rounds.

     -k      Run in makekey(8) compatible mode.  A single combined key (eight chars) and salt (two chars) with no intermediate space are read from
	     standard input and the DES encrypted result is written to standard output without a terminating newline.

     -m      Encrypt the string using MD5.

     -p      Prompt for a single string with echo turned off.

     -S rounds
	     Encrypt the salt with HMAC-SHA1 using the password as key and the specified rounds as a hint for the number of iterations.

     -s salt
	     Encrypt the string using DES, with the specified salt.

     If no string is specified, pwhash reads one string per line from standard input, encrypting each one with the chosen algorithm from above.
     In the event that no specific algorithm is given as a command line option, the algorithm specified in the default class in /etc/passwd.conf
     will be used.

     For MD5 and Blowfish a new random salt is automatically generated for each password.

     Specifying the string on the command line should be discouraged; using the standard input is more secure.

FILES

     /etc/passwd.conf

SEE ALSO

     crypt(3), passwd.conf(5)

BSD
								 October 16, 2009							       BSD

crypt_sunmd5(5) 					Standards, Environments, and Macros					   crypt_sunmd5(5)

NAME

       crypt_sunmd5 - password hashing module using MD5 message hash algorithm

SYNOPSIS

       /usr/lib/security/$ISA/crypt_sunmd5.so

DESCRIPTION

       The crypt_sunmd5 module is a one-way password hashing module for use with crypt(3C) that uses the MD5 message hash algorithm. The algorithm
       identifier for crypt.conf(4) and policy.conf(4) is md5.

       This module is designed to make it difficult to crack passwords that use brute force attacks based on high speed MD5  implementations  that
       use code inlining, unrolled loops, and table lookup.

       The maximum password length for crypt_sunmd5 is 255 characters.

       The following options can be passed to the module by means of crypt.conf(4):

       rounds=<positive_number>

	   Specifies  the number of additional rounds of MD5 to use in generation of the salt; the default number of rounds is 4096. Negative val-
	   ues have no effect and are ignored, that is, the number of rounds cannot be lowered below 4096.

	   The number of additional rounds is stored in the salt string returned by crypt_gensalt(3C). For example:

	   $md5,rounds=1000$nlxmTTpz$

	   When crypt_gensalt(3C) is being used to generate a new salt, if the number of additional rounds configured in crypt.conf(4) is  greater
	   than  that  in the old salt, the value from crypt.conf(4) is used instead. This allows for migration to stronger (but more time-consum-
	   ing) salts on password change.

ATTRIBUTES

       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE	     |	    ATTRIBUTE VALUE	   |
       +-----------------------------+-----------------------------+
       |MT-Level		     |Safe			   |
       +-----------------------------+-----------------------------+

SEE ALSO

       passwd(1), crypt(3C), crypt_genhash_impl(3C), crypt_gensalt(3C), crypt_gensalt_impl(3C), getpassphrase(3C), crypt.conf(4), passwd(4),  pol-
       icy.conf(4), attributes(5)

SunOS 5.10							    23 Dec 2003 						   crypt_sunmd5(5)