Good Passwords with GnuPG

I found out from this site that GPG can be used to generate random text for passwords. Here’s the command:


 gpg --gen-random 1 20 | gpg --enarmor | sed -n 5p

Very simple. I may have to use this in the future.

WARNING

This limits you to the Base64 character set, greatly limiting the search space for password cracking.  One should really use something other than enarmor to spit out a random printable ASCII string…

Update

OK, I did it.  It took some time, but it works nicely now, and generates MUCH better passwords:


hank@tardis:/nexus/tardis/hank$ for i in 1 2 3 4; \
  do gpg --gen-random 1 20 | \
  perl -ne's/[\x00-\x20]/chr(ord($^N)+50)/ge;s/([\x7E-\xDB])/chr(ord($^N)-93)/ge;s/([\xDC-\xFF])/chr(ord($^N)-129)/ge;print $_, "\n"';
done
p8$K`frjdkp;i-c2]2a2
glj#""I/eY\aYe3p}2y@
U2cXL&2^2/@7P2d#;?E=
kG)|N?[ZP2t2'bH22e;$

I know that probably looks like gobbledy-gook, but the main part of it is this:

gpg --gen-random 1 20 | perl -ne'print "Your password: ";s/[\x00-\x20]/chr(ord($^N)+50)/ge;s/([\x7E-\xDB])/chr(ord($^N)-93)/ge;s/([\xDC-\xFF])/chr(ord($^N)-129)/ge;print $_, "\n"'

Run that in a terminal, and profit.


One thought on “Good Passwords with GnuPG

  1. Pingback: The Government’s Certificate Authority: Why you shouldn’t worry | Schadenfreude

Comments are closed.