From owner-freebsd-questions@FreeBSD.ORG Mon Jan 8 19:07:39 2007 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 3979516A505 for ; Mon, 8 Jan 2007 19:07:39 +0000 (UTC) (envelope-from freebsd-questions@m.gmane.org) Received: from ciao.gmane.org (main.gmane.org [80.91.229.2]) by mx1.freebsd.org (Postfix) with ESMTP id E970813C43E for ; Mon, 8 Jan 2007 19:07:38 +0000 (UTC) (envelope-from freebsd-questions@m.gmane.org) Received: from list by ciao.gmane.org with local (Exim 4.43) id 1H3zq7-0002cS-D4 for freebsd-questions@freebsd.org; Mon, 08 Jan 2007 20:07:23 +0100 Received: from 89-172-37-249.adsl.net.t-com.hr ([89.172.37.249]) by main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Mon, 08 Jan 2007 20:07:23 +0100 Received: from ivoras by 89-172-37-249.adsl.net.t-com.hr with local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Mon, 08 Jan 2007 20:07:23 +0100 X-Injected-Via-Gmane: http://gmane.org/ To: freebsd-questions@freebsd.org From: Ivan Voras Date: Mon, 08 Jan 2007 20:07:01 +0100 Lines: 42 Message-ID: References: <45A22099.3060208@esiee.fr> <200701080654.45757.kirk@strauser.com> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="------------enigDF169B019E49F655B3199585" X-Complaints-To: usenet@sea.gmane.org X-Gmane-NNTP-Posting-Host: 89-172-37-249.adsl.net.t-com.hr User-Agent: Thunderbird 1.5.0.9 (Windows/20061207) In-Reply-To: <200701080654.45757.kirk@strauser.com> X-Enigmail-Version: 0.94.1.2 Sender: news Subject: Re: Adduser utility to generate "random" passwds ? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 08 Jan 2007 19:07:39 -0000 This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enigDF169B019E49F655B3199585 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Kirk Strauser wrote: > On Monday 08 January 2007 5:26 am, Ivan Voras wrote: >=20 >> Here's an idea: >> >> $ head -c 64 /dev/random | md5 | head -c 10 >=20 > Hugely bad idea. Since md5 outputs hex, you're only getting 4 bits of = > entropy per character. =20 Yes, with 10 characters that's 5 bytes of practically pure random data, i.e. 40 bits. You're somewhat right: I don't know about pwgen but usually such utilities generate passwords from a set that looks like [0-9a-zA-Z-,], i.e. 6 bits per character. For a password of 8 characters, that's 48 bits, so 8 bits stronger than 10 hexadecimal characters. For equal entropy, 12 hex characters should be used. But hex characters are easier to remember :) --------------enigDF169B019E49F655B3199585 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFFopZcldnAQVacBcgRAhz+AJ49gQ94I22P/WzZvf+BLVULu5zdKACg9Lba YY1dcHd3g6Uj1DpHZF9IdDk= =dodg -----END PGP SIGNATURE----- --------------enigDF169B019E49F655B3199585--