I'm searching for a way to hash a password using BCRYPT in a BASH script. I've searched high and low, and googled all the things ... the closest I've come is maybe an implementation using openssl, but the method is still unclear.
I am in a closed system with no external access, and python is not installed.
I am proficient at writing in BASH and am using GNU Bash, version 4.1.2(2)-release (x86_64-redhat-linux-gnu).
Interested in suggestions for a solution in pure BASH/AWK or any other implementation native to a common RHEL Shell.
Perl is installed, but I'd prefer to stay away from that option, least of which, I don't know Perl ... there's a social stigma associated with Perl ... (hahaha.c)
Thanks!
The bcrypt function is the default password hash algorithm for OpenBSD and was the default for some Linux distributions such as SUSE Linux.
A lot of your research is correct and still applies in 2021, so it is still secure to use BCrypt (which usually generates its own random salt for each password). Good password hashing algorithms are Argon2, SCrypt and BCrypt; they all offer a cost factor which controls the necessary time.
TL;DR: SHA1, SHA256, and SHA512 are all fast hashes and are bad for passwords. SCRYPT and BCRYPT are both slow hashes and are good for passwords. Always use slow hashes, never fast hashes.
This is what I use
leo@xxx:~$ htpasswd -nbBC 10 USER topsecret
USER:$2y$10$vDtCxgJ4DIZ1itAAq6NDkedmaDFHlPdlpLY.EiEa3QBXHnH0oLatW
Please note that the salt prefix (i.e. $2a or $2y) could be different on different systems/platforms.
My computer
leo@xxx:~$ uname -a
Linux xxx 5.0.0-37-generic #40~18.04.1-Ubuntu SMP Thu Nov 14 12:06:39 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux
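To check what `htpasswd -nbBC` printed before a script stores it, the following added example (not part of the original answer) splits the `USER:hash` line into variant, cost, salt and digest, and rejects a malformed hash or a cost below a floor. `bcrypt_check` and `MIN_COST` are names assumed for the illustration; the sample line is the one shown in the answer.

```bash
#!/bin/bash
# Added example: validate a "USER:hash" line as printed by `htpasswd -nbBC`.
# bcrypt layout: $<variant>$<2-digit cost>$<22-char salt><31-char digest>

MIN_COST=10   # assumed policy floor (the cost used in the answer above)

# Prints "variant cost salt digest" on success.
# Returns 1 for a malformed hash, 2 for a cost below MIN_COST.
bcrypt_check() {
    local LC_ALL=C                      # keep [A-Z] ranges byte-exact
    local hash rest variant cost cost_n body salt
    hash=${1#*:}                        # drop a leading "USER:" if present

    case $hash in '$'*) ;; *) echo "not a crypt hash" >&2; return 1 ;; esac
    rest=${hash#?}
    variant=${rest%%\$*}; rest=${rest#*\$}
    cost=${rest%%\$*};    body=${rest#*\$}

    # The prefix differs between platforms; accept the known bcrypt variants.
    case $variant in 2a|2b|2x|2y) ;; *) echo "unknown variant" >&2; return 1 ;; esac
    case $cost in [0-9][0-9]) ;; *) echo "bad cost field" >&2; return 1 ;; esac
    cost_n=${cost#0}                    # "08" -> "8", avoids octal surprises
    if [ "$cost_n" -lt 4 ] || [ "$cost_n" -gt 31 ]; then
        echo "cost out of range" >&2; return 1
    fi

    # Salt plus digest: exactly 53 characters from the bcrypt base64 alphabet.
    [ "${#body}" -eq 53 ] || { echo "wrong length" >&2; return 1; }
    case $body in *[!./A-Za-z0-9]*) echo "bad character" >&2; return 1 ;; esac

    [ "$cost_n" -ge "$MIN_COST" ] || { echo "cost below policy" >&2; return 2; }

    salt=$(printf '%.22s' "$body")
    printf '%s %s %s %s\n' "$variant" "$cost" "$salt" "${body#"$salt"}"
}

# Sample input: the line shown in the answer above.
bcrypt_check 'USER:$2y$10$vDtCxgJ4DIZ1itAAq6NDkedmaDFHlPdlpLY.EiEa3QBXHnH0oLatW'
```

The function uses only parameter expansion, `case` and `printf`, so it needs nothing beyond the shell itself.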