On Sat, Feb 21, 2026 at 07:27:54AM +0000, Eric Johnson wrote: > If you want random passwords, why not just use > openssl rand -base64 32 > or > openssl rand -hex 32 > > What I have done in the past was create passwords with: > openssl rand -hex 60 > for user accounts that are intended to only be used via ssh with ssh keys.
I'm presuming that the intention of the OP was to make a accounts with an unknown password, (long and random), for a purpose such as this. A very good idea would be to read the manual page for passwd(5), (so 'man 5 passwd'). There you will find some very useful advice, specifically that accounts that are not intended to be logged in to are set up with a single asterisk in the password field. No need for random junk random passwords. > For what it's worth, my servers all permit ssh access only via IPv6. This > cuts down nearly all attempts to connect. It does indeed. Regarding the OP's password generation script, I'll look at it shortly and highlight any obvious bugs.
