Unix & Linux: Manually generate password for /etc/shadow (8 Solutions!!)

Опубликовано: 09 Февраль 2025
на канале: Roel Van de Paar

Unix & Linux: Manually generate password for /etc/shadow

The Question: I need to manually edit /etc/shadow to change the root password inside of a
virtual machine image.
Is there a command-line tool that takes a password and generates an /etc/shadow
compatible password hash on standard out?

Solutions: Please watch the whole video to see all solutions, in order of how many people found them helpful

== This solution helped 139 people ==
You can use following commands for the same:
*** Method 1 (md5, sha256, sha512) ***
openssl passwd -6 -salt xyz yourpass
Note: passing -1 will generate an MD5 password, -5 a SHA256 and -6 SHA512
(recommened)
*** Method 2 (md5, sha256, sha512) ***
mkpasswd --method=SHA-512 --stdin
Methods accepts md5, sha-256 and sha-512
*** Method 3 (des, md5, sha256, sha512) ***
As @tink suggested, we can update password using chpasswd using :
echo "username:password" | chpasswd
Or you can use encrypted password with chpasswd. First generate it using this:
perl -e 'print crypt("YourPasswd", "salt", "sha512"),"n"'
Then later you can use generated password to update:
echo "username:encryptedPassWd" | chpasswd -e
This encrypted password we can use to create a new user with password, for
example:
useradd -p 'encryptedPassWd' username

== This solution helped 37 people ==
On Ubuntu 12.04, there is mkpasswd (from the whois package): Overfeatured front
end to crypt(3)
mkpasswd -m sha-512 -S saltsalt -s ＜＜＜ YourPass
Where:
-m = Compute the password using the TYPE method. If TYPE is help then the
available methods are printed.
-S = salt used.
E.g.
$ mkpasswd -m help

-s = Read password from stdin

== This solution helped 3 people ==
For those without Debian based systems. Python3 works just as well.
python3 -c 'import crypt; print(crypt.crypt("test"))'
NOTE: The string "test" is the password that we're generating as a crypted
string.

== This solution helped 17 people ==
This solution has the following benefits:
Nothing additional to install
Does not store the password in your shell history
Generates a random salt for you
Uses a modern, strong hashing algorithm, SHA-512
Re-prompts for the password to avoid mistakes.
$ python3 -c "from getpass import getpass; from crypt import *;
p=getpass(); print('n'+crypt(p, METHOD_SHA512)) if p==getpass('Please
repeat: ') else print('nFailed repeating.')"
*** References ***
https://serverfault.com/questions/330...
password-for-shadow/330072#comment910286_330072
https://docs.python.org/3/library/cry...

== This solution helped 2 people ==
Yet another method to generate passwords, is using the openssl tool.
Generate MD5 passwords
openssl passwd -1 -salt SaltSalt SecretPassword
output: $1$SaltSalt$FSYmvnuDuSP883uWgYBXW/
Generate DES passwords
openssl passwd -crypt -salt XR SuprScrt
output: XR1dOp2EVMph2

With thanks & praise to God, and with thanks to the many people who have made this project possible! | Content (except music & images) licensed under cc by-sa 3.0 | Music: https://www.bensound.com/royalty-free... | Images: https://stocksnap.io/license & others | With thanks to user user3183018 (https://unix.stackexchange.com/users/..., user u150825 (https://unix.stackexchange.com/users/..., user slm (https://unix.stackexchange.com/users/..., user Rahul Patil (https://unix.stackexchange.com/users/..., user Rahul (https://unix.stackexchange.com/users/..., user Lorin Hochstein (https://unix.stackexchange.com/users/..., user Joon Byun (https://unix.stackexchange.com/users/..., user Jeff Schaller (https://unix.stackexchange.com/users/..., user James Harmison (https://unix.stackexchange.com/users/..., user Greg (https://unix.stackexchange.com/users/..., user Gert van den Berg (https://unix.stackexchange.com/users/..., user Evgeny (https://unix.stackexchange.com/users/..., user Arend (https://unix.stackexchange.com/users/..., and the Stack Exchange Network (http://unix.stackexchange.com/questio.... Trademarks are property of their respective owners. Disclaimer: All information is provided "AS IS" without warranty of any kind. You are responsible for your own actions. Please contact me if anything is amiss at Roel D.OT VandePaar A.T gmail.com.