This may be two requests, one a bug and one a feature request. Issue 1: openssl 1.1.0 passwd on Windows 64 doesn't generate MD5 passwords (-1 / -apr1), returns "<NULL>". I haven't tested other platforms. See output below.
Issue 2: openssl 1.1.0 passwd doesn't support newer password hashing algorithms used by unix / linux platforms. This limitation may force people to use weaker password storage than possible, for example if generating crypts using openssl passwd to feed into usermod -p. Please add support for password types 5 (SHA-256) and 6 (SHA-512). http://man7.org/linux/man-pages/man3/crypt.3.html ID | Method ───────────────────────────────────────────────────────── 1 | MD5 2a | Blowfish (not in mainline glibc; added in some | Linux distributions) 5 | SHA-256 (since glibc 2.7) 6 | SHA-512 (since glibc 2.7) Issue 1: collateral: Working in OpenSSL 1.0.2.h: D:\>openssl version OpenSSL 1.0.2h 3 May 2016 D:\>openssl passwd -apr1 password $apr1$hU.5TC8J$BaYCimZriQeWKBSupbQuO. D:\>openssl passwd -1 password $1$LxNTmc7h$FHDYsVvavnYy0KqB.2ZIx0 Compiled Openssl 1.1.0: D:\OpenSSL\openssl-1.1.0\apps>.\openssl version OpenSSL 1.1.0 25 Aug 2016 D:\OpenSSL\openssl-1.1.0\apps>.\openssl version OpenSSL 1.1.0 25 Aug 2016 D:\OpenSSL\openssl-1.1.0\apps>.\openssl passwd password UZ8kfkzdGoYTQ D:\OpenSSL\openssl-1.1.0\apps>.\openssl passwd -1 password <NULL> D:\OpenSSL\openssl-1.1.0\apps>.\openssl passwd -apr1 password <NULL> (To show that MD5 wasn't compiled out): D:\Download\OpenSSL\openssl-1.1.0\apps>.\openssl passwd -help Usage: passwd [options] Valid options are: -help Display this summary -in infile Pead passwords from file -noverify Never verify when reading password from terminal -quiet No warnings -table Format output as table -reverse Switch table columns -salt val Use provided salt -stdin Read passwords from stdin -apr1 MD5-based password algorithm, Apache variant -1 MD5-based password algorithm -crypt Standard Unix password algorithm (default) -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4674 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
