Change submitted by Doug Kaufman. He writes:

[openssl.git] / doc / apps / passwd.pod

=pod

=head1 NAME

passwd - compute password hashes

=head1 SYNOPSIS

B<openssl passwd>
[B<-crypt>]
[B<-1>]
[B<-apr1>]
[B<-salt> I<string>]
[B<-in> I<file>]
[B<-stdin>]
[B<-noverify>]
[B<-quiet>]
[B<-table>]
{I<password>}

=head1 DESCRIPTION

The B<passwd> command computes the hash of a password typed at
run-time or the hash of each password in a list.  The password list is
taken from the named file for option B<-in file>, from stdin for
option B<-stdin>, or from the command line, or from the terminal otherwise.
The Unix standard algorithm B<crypt> and the MD5-based BSD password
algorithm B<1> and its Apache variant B<apr1> are available.

=head1 OPTIONS

=over 4

=item B<-crypt>

Use the B<crypt> algorithm (default).

=item B<-1>

Use the MD5 based BSD password algorithm B<1>.

=item B<-apr1>

Use the B<apr1> algorithm (Apache variant of the BSD algorithm).

=item B<-salt> I<string>

Use the specified salt.
When reading a password from the terminal, this implies B<-noverify>.

=item B<-in> I<file>

Read passwords from I<file>.

=item B<-stdin>

Read passwords from B<stdin>.

=item B<-noverify>

Don't verify when reading a password from the terminal.

=item B<-quiet>

Don't output warnings when passwords given at the command line are truncated.

=item B<-table>

In the output list, prepend the cleartext password and a TAB character
to each password hash.

=back

=head1 EXAMPLES

B<openssl passwd -crypt -salt xx password> prints B<xxj31ZMTZzkVA>.

B<openssl passwd -1 -salt xxxxxxxx password> prints B<$1$xxxxxxxx$UYCIxa628.9qXjpQCjM4a.>.

B<openssl passwd -apr1 -salt xxxxxxxx password> prints B<$apr1$xxxxxxxx$dxHfLAsjHkDRmG83UXe8K0>.

=cut