[ale] creating very powerful relatively short memorable passwords

Michael B. Trausch mike at trausch.us
Fri Sep 16 11:49:41 EDT 2011


On Thu, 2011-09-15 at 21:14 -0400, George Allen wrote:
> Most simple method I've come up with was to copy from:
>    dd if=/dev/urandom count=1 2> /dev/null|  tr -dc
> "[:alnum:][:punct:]" | cut -c-20
> into a gpg file behind a passphrase of ~30 chars of jabberwocky-like
> gibberish.
> 
> The weakest part would be a keylogger or an attack against the buffer
> for copy/paste, but then I'd be in trouble anyway. 

I like it.

Here, generalized a little bit and with quote characters removed from
the set of allowed characters (because they can be a bit dangerous in
certain contexts, like taking a freshly generated password and pasting
it in a Python configuration file for a database server.... :))

=========================================================================
#!/bin/bash
#
# Simplistic password generator
#

LEN=30

while getopts l: o
do
    case "$o" in
	l)
	    LEN="$OPTARG"
	    ;;
	[?])
	    echo >&2 "Usage: pwgen [-l LEN]"
	    exit 1
	    ;;
    esac
done

# Generate the password and print it to the terminal.
dd if=/dev/urandom bs=$(($LEN * 8)) count=1 2> /dev/null \
    | tr -dc '[:alnum:][+,.:<>[]{}!@#$%^&*()]' \
    | cut -c-${LEN}
=========================================================================

Shebang says /bin/bash only because I haven't tested it with anything
else.  I experimented with the dd bs size until I could generate several
hundred pseudorandom passwords without falling short on the character
length requirement for LEN=100.  It might need tweaked a bit further.  I
did it that way so that it isn't reading a whole 512 bytes of
pseudorandomness when it doesn't need to.

	--- Mike

-- 
A man who reasons deliberately, manages it better after studying Logic
than he could before, if he is sincere about it and has common sense.
                                  --- Carveth Read, “Logic”
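
Added example, not part of the original post or the poster's script: the same filter-random-bytes approach with the same allowed character set, but looping until LEN characters have been collected, so the output can never fall short of the requested length. The function name `gen_password` is hypothetical, and `head -c` is assumed to be available (GNU, BSD and busybox all provide it).

```shell
#!/bin/bash
# Added example: password generator that cannot come up short.
# Usage: gen_password [LEN]   (default LEN is 30)

# Allowed characters, copied from the script in the post above:
# alphanumerics plus punctuation with the quote characters left out.
PW_SET='[:alnum:][+,.:<>[]{}!@#$%^&*()]'

gen_password() (
    # The body runs in a subshell so its variables do not leak to the caller.
    len="${1:-30}"

    # Accept positive decimal integers only (rejects "", "abc", "0", "08").
    case "$len" in
        ''|*[!0-9]*|0*)
            echo >&2 "gen_password: LEN must be a positive integer"
            exit 1
            ;;
    esac

    pw=""
    # tr keeps only a fraction of the random bytes, so one fixed-size read
    # can fall short.  Keep reading until enough characters have been
    # collected; surplus characters are cut off at the end.
    while [ "${#pw}" -lt "$len" ]; do
        # LC_ALL=C makes tr treat its input as single bytes; some tr
        # implementations reject raw random bytes in a UTF-8 locale.
        chunk=$(head -c "$((len * 8))" /dev/urandom | LC_ALL=C tr -dc "$PW_SET")
        pw="$pw$chunk"
    done

    printf '%s\n' "$pw" | cut -c "1-$len"
)
```

Because characters outside the set are simply discarded, each allowed character stays equally likely, and the retry loop does not change that.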


