Timeline for How to generate a random string?
Current License: CC BY-SA 3.0
15 events
| when toggle format | what | by | license | comment | |
|---|---|---|---|---|---|
| Mar 15, 2024 at 14:42 | comment | added | tuxErrante | Beware this can generate not valid symbols for passwords like \n | |
| Mar 16, 2022 at 9:11 | comment | added | asynts |
You probably want to use openssl rand 64 | openssl enc -A -base64 for longer strings, otherwise it will cut of at 80 characters because of backward compatibility with old terminals.
|
|
| Mar 22, 2021 at 9:51 | comment | added | ZoFreX |
Note that the manual says openssl rand is a cryptographically secure pseudo random number generator (CSPRNG).
|
|
| Feb 25, 2020 at 15:09 | comment | added | spikyjt |
Note that according to its manual, the openssl rand command is still a pseudo-random generator, therefore not cryptographically secure. This suited my needs, but may not suit the need of all applications, e.g. initializing IV as mentioned in another comment.
|
|
| Apr 29, 2019 at 8:35 | comment | added | xxfelixxx | This should be the top answer. | |
| Apr 14, 2019 at 16:12 | comment | added | Suhayb | I am here to initialize IV, and this is what i was missing | |
| Feb 5, 2019 at 10:15 | review | Late answers | |||
| Feb 5, 2019 at 10:22 | |||||
| Jun 15, 2018 at 9:05 | comment | added | otmezger | This worked also straight forward on a mac | |
| Sep 5, 2017 at 16:34 | comment | added | zentechinc | This answer deserves more upvotes. urandom, pwgen, gpw, etc may or may not be available on your system; also in different environments, a policy that works on one may not work on another. It would be a pretty dysfunctional setup to not have openssl. Even better: openssl rand -base64 32 | tr -d /=+ | cut -c -16 That'll give you 32 char minus non-alphanum's and trimmed to 16 char length. Makes it easy to deal with as an admin. Users only have alphanums (which they tend to appreciate). The length is long enough that the removal of special chars don't overly impact the entropy. Golden. | |
| May 19, 2017 at 20:58 | comment | added | Dennis Williamson | @Carpetsmoker: In that case, neither is this answer. | |
| May 19, 2017 at 20:31 | comment | added | Martin Tournoij | The question was "How to generate a random string of a specific length" @DennisWilliamson, so while your comment is correct as such, it's not correct in the context of this question. | |
| May 19, 2017 at 20:29 | comment | added | Dennis Williamson |
@Carpetsmoker: Note that the example openssl rand -base64 12 produces 16 characters of output (because 256 values are mapped to 64). And the hex example produces 24 characters. There's no loss in the case of the hex since it's a simple 1:2 mapping, but there might be a little in the base64 case since padding is used. The radix does not affect the randomness, it's the way one is mapped to another that does. (and the total bit count is much more important).
|
|
| Aug 27, 2016 at 17:37 | comment | added | Martin Tournoij |
rand -hex will limit the output to just 16 characters, rather than the 90+ on my keyboard. base64 is better because it's 64 characters, but it's not random (e.g. there are predictable padding patterns, and perhaps some characters appear more often than others).
|
|
| Aug 27, 2016 at 17:29 | history | edited | Martin Vegter | CC BY-SA 3.0 |
added 4 characters in body
|
| Aug 27, 2016 at 17:22 | history | answered | Martin Vegter | CC BY-SA 3.0 |