DEV Community

Bash random password generator

Alex Georgiev on January 30, 2021

Introduction It's a not an uncommon situation where you will need to generate a random password that you can use for any software instal...

Read full post

Comment deleted

Alex Georgiev • Jan 31 '21 • Edited

Hey,

I agree with you that saving your passwords in plain text in a file is not consider secure, hence the password will not be saved by default unless you want to do so.

The idea is for bash beginners to create a small project and have fun while doing it.

I will look into publishing a more secure updated version.

Andrea Giammarchi • Jan 31 '21

I'm afraid the internet works differently: people pick a trusted site and copy and paste (see Stack Overflow) so this is really a bad, security speaking, advice, hint, suggestion, whatsoever, beginner thingy ... because beginners should be the first one to understand that security is not a joke.

Please update this post ASAP and remove that script before it damages some clueless copy-paster.

Thanks for your help in making this site a better place for beginners too 👋

Alex Georgiev • Jan 31 '21

I agree with with, the script has been modified. Thanks for the valuable input!

Andrea Giammarchi • Feb 1 '21 • Edited

I've removed my initial comment, as the post has been updated and there is no place for that comment anymore.

Thank you for the update, I know it feels less "wow" or "cool" now, but it was the right thing to do 👍

Ben Sinclair • Jan 31 '21

# Check if the log file is present and if not, create it
if [[ !log_file ]]; then
  touch ~/pass_log.txt
fi

You don't need to create a file in order to append to it - you can use >>| instead of >> later on and it will work.

Ben Sinclair • Jan 31 '21 • Edited

Looks like I'm mixed up.

">>|" will force it on zsh. You don't need that (and it won't be recognised) on bash. Equally, you don't need to create a file on bash prior to writing to it.

I'm mixed up because I regularly use >| to force overwriting a file when I've got noclobber set...

Alex Georgiev • Jan 31 '21

Hey,

That is indeed correct. It also saves code as well!

Alex Georgiev • Jan 31 '21

Hey,

That is correct! Thanks for sharing it.

ARIF MAHMUD RANA • Mar 2 '21

Alex why are you printing printf "$pass_output\n" where are you setting pass_output? This wasn't necessary. Also I think for script it's best to output the only intended things so that output can be piped you implementation doesn't suit that e.g I could have copied the output of script or use it for automation but this is not possible. Also why use clear printf with new line. This are all unnecessary staffs. For me short and simple

#!/bin/bash
read -p "How many characters you would like the password to have? " pass_length
tr -dc 'A-Za-z0-9!"#$%&'\''()*+,-./:;<=>?@[\]^_`{|}~' </dev/urandom | head -c pass_length

Alex Georgiev • Apr 4 '21

Good call, Arif! That was left over from the first version of the script which was later on changed! Thanks for pinpointing this.

Ranieri Althoff • Jan 31 '21

No love for pwgen?

Alex Georgiev • Jan 31 '21 • Edited

Hi,

It is great idea to use pwgen but I believe it does not come installed by default and the idea was to build the script in a way that you wont need to install any additional software.

Thanks for sharing it!