| PWHASH(1) | General Commands Manual | PWHASH(1) | 
pwhash —
| pwhash | [ -km] [-Avariant[,params]] [-brounds] [-Srounds] [-ssalt] [-p|
      string] | 
pwhash prints the encrypted form of
  string to the standard output. This is mostly useful for
  encrypting passwords from within scripts.
The options are as follows:
-b
    rounds-k-m-p-S
    rounds-A
    variant[,params]Following the required variant name, three optional comma-delimited parameters may be provided,
t=n Specify the number of iterations to n.
m=n Specify the memory usage in KB to n.
p=n Specify the number of threads to n. This is currently ignored.
If unspecified, default parameters are calculated based on system performance and available resources.
-s
    saltIf no string is specified,
    pwhash reads one string per line from standard
    input, encrypting each one with the chosen algorithm from above. In the
    event that no specific algorithm is given as a command line option, the
    algorithm specified in the default class in
    /etc/passwd.conf will be used.
For MD5, Blowfish, and Argon2 a new random salt is automatically generated for each password.
Specifying the string on the command line should be discouraged; using the standard input is more secure.
pwhash -A argon2id,p=1,m=4096 -p
| October 20, 2021 | NetBSD 10.0 |