ENCRYPT(1)                 OpenBSD Reference Manual                 ENCRYPT(1)

NAME
     encrypt - encrypt passwords from the command line or standard input



SYNOPSIS
     encrypt [-k] [-b rounds] [-m] [-s salt] [-p | string]
     makekey

DESCRIPTION
     encrypt prints the encrypted form of string to the standard output.  This
     is mostly useful for encrypting passwords from within scripts.

     The following options are supported:

     -k         Run in makekey compatible mode; a single combined key and salt
                are read from standard input and the DES encrypted result is
                written to standard output without a terminating newline.

     -b rounds  Encrypt the string using Blowfish hashing with the specified
                rounds.

     -m         Encrypt the string using MD5.

     -p         Prompt for a single string with echo turned off.

     -s salt    Encrypt the string using DES, with the specified salt.

     If no string is specified, encrypt reads one string per line from stan-
     dard input, encrypting each one with the chosen algorithm from above. In
     case that no specific algorithm was given as a command line option, the
     default will be looked up from /etc/passwd.conf.

     For MD5 and Blowfish a new random salt is automatically generated for
     each password.

     Specifying the string on the command line should be discouraged; using
     the standard input is more secure.

FILES
     /etc/passwd.conf

SEE ALSO
     crypt(3),  pw_getconf(3),  passwd.conf(5)

HISTORY
     encrypt first appeared in OpenBSD 1.2.

     A makekey command appeared in Version 7 AT&T UNIX.

OpenBSD 2.6                      May 18, 1999                                1