HowTo: Linux Random Password Generator Command

How do I generate random passwords on the Linux command line using the bash shell? How to create random password using Linux command line options?

You can use the following shell function to generate random password. The function use the combination of the following commands and files:

    Tutorial details
    Difficulty level Easy
    Root privileges No
    Requirements Bash
    Est. reading time 2m
  1. /dev/urandom file – Linux kernel’s random number generator source/interface. A read from the /dev/urandom device will not block waiting for more entropy.
  2. tr command – Translate or delete characters. Used to remove unwanted characters from /dev/urandom.
  3. head command – Output the first part of files.
  4. xargs command – build and execute command lines from standard input/pipe.

Bash function to create random password

Edit ~/.bashrc file, enter:
$ vi $HOME/.bashrc
Append the following code:

genpasswd() { 
	local l=$1
       	[ "$l" == "" ] && l=16
      	tr -dc A-Za-z0-9_ < /dev/urandom | head -c ${l} | xargs 

Save and close the file. Source ~/.bashrc again, enter:
$ source ~/.bashrc

To generate random password, enter:
$ genpasswd
Sample outputs:


To generate 8 character long random password, enter:
$ genpasswd 8
Sample outputs:

Linux Random Password Generator Command

🐧 Get the latest tutorials on Linux, Open Source & DevOps via RSS feed or Weekly email newsletter.

🐧 11 comments so far... add one

CategoryList of Unix and Linux commands
Disk space analyzersdf ncdu pydf
File Managementcat tree
FirewallAlpine Awall CentOS 8 OpenSUSE RHEL 8 Ubuntu 16.04 Ubuntu 18.04 Ubuntu 20.04
Network UtilitiesNetHogs dig host ip nmap
OpenVPNCentOS 7 CentOS 8 Debian 10 Debian 8/9 Ubuntu 18.04 Ubuntu 20.04
Package Managerapk apt
Processes Managementbg chroot cron disown fg jobs killall kill pidof pstree pwdx time
Searchinggrep whereis which
User Informationgroups id lastcomm last lid/libuser-lid logname members users whoami who w
WireGuard VPNAlpine CentOS 8 Debian 10 Firewall Ubuntu 20.04
11 comments… add one
  • Alpha01 Mar 1, 2011 @ 6:31

    Cool tip, the following command always worked for me:
    openssl rand -base64 6

    • Diceroll Mar 1, 2011 @ 14:11

      Thanks for the Tips, and cool blog too.
      keep up the good work.

  • HS Mar 18, 2011 @ 19:15

    Debian / Ubuntu: sudo apt-get install pwgen
    Centos / Redhat : yum –enablerepo=rpmforge install bind-utils secpwgen

  • 3y3lop Apr 25, 2011 @ 5:21

    Thanks for the tips…its work. ^_^

    • Philippe Petrinko Apr 30, 2011 @ 11:18

      Well, the need for random password generation is an important topic, and your example of User-Defined Function is nice to know, but there is already a nice command for it! ;-D

      It’s named [mkpasswd]

      To get manual page, type in : man mkpasswd

      mkpasswd – Overfeatured front end to crypt(3)

      mkpasswd PASSWORD SALT

      mkpasswd encrypts the given password with the crypt(3) libc function using the given salt.

      -S, –salt=STRING
      Use the STRING as salt. It must not contain prefixes such as $1$.

      -R, –rounds=NUMBER
      Use NUMBER rounds. This argument is ignored if the method choosen does not support variable rounds. For the
      OpenBSD Blowfish method this is the logarithm of the number of rounds.

      -m, –method=TYPE
      Compute the password using the TYPE method. If TYPE is help then the available methods are printed.

      -P, –password-fd=NUM
      Read the password from file descriptor NUM instead of using getpass(3). If the file descriptor is not connected
      to a tty then no other message than the hashed password is printed on stdout.

      -s, –stdin
      Like –password-fd=0.

  • cabaro Jun 9, 2011 @ 17:17

    For ubuntu i like to use apg
    apt-get install apg

    Then just run:

  • Timo Juhani Lindfors Feb 19, 2012 @ 10:08

    The original example is very unsafe since all local users can see your password via the process list.

    Details available in

  • Sebastian Palucha Aug 7, 2014 @ 10:32

    On Mac OS I have to add LC_TYPE in front of tr line e.g.

    LC_CTYPE=C tr -dc A-Za-z0-9_ < /dev/urandom | head -c ${l} | xargs

    This was to avoid this "Illegal byte sequence" issue

    Thanks for you solution.

    • David Oct 25, 2014 @ 4:48

      Thanks, Sebastian! I was getting that error, too.

  • zeeshan Ikram Aug 17, 2015 @ 20:18

    on mac this one not work for me

    LC_CTYPE=C tr -dc A-Za-z0-9_ < /dev/urandom | head -c ${l} | xargs"

    but if we change with LC_ALL can work

    LC_ALL=C tr -dc A-Za-z0-9_ < /dev/urandom | head -c ${l} | xargs

  • Jeff Puckett Sep 19, 2016 @ 2:05

    is xargs really necessary here?

    also, for passwords no special chars is quick to hack, so I like to use ASCII chars 50 -172 (right after the quotes so that it doesn’t interfere with variable assignment.

    tr -dc \\050-\\172 < /dev/urandom | head -c ${l}

Leave a Reply

Your email address will not be published.

Use HTML <pre>...</pre> for code samples. Still have questions? Post it on our forum