xref: /openbsd/usr.bin/encrypt/encrypt.1 (revision 4bdff4be) 
1.\"	$OpenBSD: encrypt.1,v 1.25 2014/12/24 22:04:26 tedu Exp $
2.\"
3.\" Copyright (c) 1996, Jason Downs.  All rights reserved.
4.\"
5.\" Redistribution and use in source and binary forms, with or without
6.\" modification, are permitted provided that the following conditions
7.\" are met:
8.\" 1. Redistributions of source code must retain the above copyright
9.\"    notice, this list of conditions and the following disclaimer.
10.\" 2. Redistributions in binary form must reproduce the above copyright
11.\"    notice, this list of conditions and the following disclaimer in the
12.\"    documentation and/or other materials provided with the distribution.
13.\"
14.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) ``AS IS'' AND ANY EXPRESS
15.\" OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
16.\" WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
17.\" DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR(S) BE LIABLE FOR ANY DIRECT,
18.\" INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
19.\" (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
20.\" SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
21.\" CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
22.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
23.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
24.\" SUCH DAMAGE.
25.\"
26.Dd $Mdocdate: December 24 2014 $
27.Dt ENCRYPT 1
28.Os
29.Sh NAME
30.Nm encrypt
31.Nd encrypt passwords from the command line or standard input
32.Sh SYNOPSIS
33.Nm encrypt
34.Op Fl b Ar rounds
35.Op Fl c Ar class
36.Op Fl p | Ar string
37.Sh DESCRIPTION
38.Nm
39prints the encrypted form of
40.Ar string
41to the standard output.
42This is mostly useful for encrypting passwords from within scripts.
43.Pp
44The options are as follows:
45.Bl -tag -width Ds
46.It Fl b Ar rounds
47Encrypt the string using Blowfish hashing with the specified number of
48.Ar rounds .
49May also specify 'a' to request a variable number of rounds scaled to the
50machine's CPU capabilities.
51.It Fl c Ar class
52Use the cipher type specified in the given user login class.
53See
54.Xr login.conf 5
55for more information.
56.It Fl p
57Prompt for a single string with echo turned off.
58.El
59.Pp
60If no
61.Ar string
62is specified,
63.Nm
64reads one string per line from standard input, encrypting each one.
65In the case where no specific algorithm or specific user login class was given
66as a command line option, the algorithm specified in the default class in
67.Pa /etc/login.conf
68will be used.
69.Pp
70For Blowfish, a new random salt is automatically generated for each
71password.
72.Pp
73Specifying the
74.Ar string
75on the command line should be discouraged; using the
76standard input is more secure.
77.Sh FILES
78.Bl -tag -width /etc/login.conf -compact
79.It Pa /etc/login.conf
80.El
81.Sh SEE ALSO
82.Xr crypt_newhash 3 ,
83.Xr login.conf 5
84.Sh HISTORY
85.Nm
86first appeared in
87.Ox 1.2 .
88