passwd.3ssl man page

passwd — compute password hashes


openssl passwd
[-salt string]
[-in file]


The passwd command computes the hash of a password typed at run-time or the hash of each password in a list. The password list is taken from the named file for option -in file, from stdin for option -stdin, or from the command line, or from the terminal otherwise. The Unix standard algorithm crypt and the MD5-based BSD password algorithm 1 and its Apache variant apr1 are available.


Print out a usage message.
Use the crypt algorithm (default).
Use the MD5 based BSD password algorithm 1.
Use the apr1 algorithm (Apache variant of the BSD algorithm).
Use the SHA256 / SHA512 based algorithms defined by Ulrich Drepper. See https://www.akkadia.org/drepper/SHA-cry….
-salt string
Use the specified salt. When reading a password from the terminal, this implies -noverify.
-in file
Read passwords from file.
Read passwords from stdin.
Don't verify when reading a password from the terminal.
Don't output warnings when passwords given at the command line are truncated.
In the output list, prepend the cleartext password and a TAB character to each password hash.


openssl passwd -crypt -salt xx password prints xxj31ZMTZzkVA.

openssl passwd -1 -salt xxxxxxxx password prints $1$xxxxxxxx$UYCIxa628.9qXjpQCjM4a..

openssl passwd -apr1 -salt xxxxxxxx password prints $apr1$xxxxxxxx$dxHfLAsjHkDRmG83UXe8K0.