Generating strong passwords from the command line using a password generator tool

Introduction

I use KeePassX (a KeePass implementation) to securely generate and store all my secrets and passwords.

There are times however where I need to generate a strong password but I don’t have KeePassX (or any other KeePass implementation) immediately available to me.

Issue

There are many different ways to generate strong passwords on a Linux system. If you Google for a solution, you’ll find a number of completely different solutions, of varying levels of complexity.

Ideally, the password generation tool (or process) should be/have:

  • Easy to acquire (preferably through a distributions official repo)
  • Minimal dependencies
  • Simple to remember and use
  • Widely available (across different distributions)

Solution

I recommend “pwgen” because its:

  • Available in the official Debian and Ubuntu repositories, and it’s available through EPEL for CentOS.
  • Only has a single dependency, libc
  • Simple enough. To generate a single, secure, with special characters/symbols, password of a length of 25 characters:
    pwgen -N1 -s -y 25
    
  • Available in Ubuntu, Debian and CentOS — which is a good start and is enough for my requirements. pcgen’s minimal set of dependencies probably mean that it’s very portable too.
  • Bonus: It’s written by Ted Ts’o — which helps to add legitimacy to the program’s security