Generating Secure Passwords for your Linux Server

Having a strong password is necessary to protect our information from being accessible by others. A strong password should be difficult to be identified, guess or decrypt by the attackers.

Mostly, while entering passwords, we will be prompted to enter the upper case and lowercase letters along with numbers and special characters.

But thinking of a new password every time is very difficult and most people end up repeating the same password for every website and application they use.

This way of using the same password may seem very easy, but it puts our data and information at risk. Our important details, like card details or personal information, can become vulnerable to attackers.

To avoid the work of thinking of a new password for every application, we have many ways in Linux to create a strong password in the terminal itself.

Let us see the ways by which we can generate passwords in our Linux system.

Table of Contents

  1. Using OpenSSL
  2. Using pwgen utility
  3. Using GPG utility
  4. Using PERL script
  5. Using APG
  6. Using xkcdpass
  7. Using Revelation UI

1. Using OpenSSL

To create a random password in the terminal, type the following command.

openssl rand -base64 16
  1. rand - generates the random password.
  2. -base64 is used to ensure that the password format can be typed through the keyboard
  3. 16 represents the length of the password. We can increase the length or decrease it according to our needs.

Sometimes, the above command may not work because of the missing rand utility in some Linux systems.

To install the rand utility type the following command.

sudo apt install rand

2. Using pwgen utility

To generate a password using the pwgen utility, type the following command in the terminal.

sudo apt-get install pwgen

To get help while using pwgen, this command will do the trick.

pwgen –help

Using the following command we can generate a secure password that includes symbols.

pwgen -ys 14 1

Here, “y” tells pwgen to generate a secure password, “s” tells pwgen to include symbols in the password, “14” is the length of the password, and “1” at the end helps generate only one password.

3. Using GPG utility

GPG, short for GNU Privacy Guard utility, is a free command-line utility for both Linux and Microsoft Windows and Android systems.

Use the following command to create the password using the GPG utility.

gpg –gen-random –armor 1 16

Here, 16 represents the length of the password and it can be changed.

4. Using Perl script

Perl being a command-line utility available in Ubuntu repositories, it can be downloaded using the following command.

sudo apt-get install perl

To generate a password using the PERL script, we need to create a file for it. Let’s create a file named “” using the following command in the nano editor,


Once the file is created, paste the following code there.

my @alphanumeric = ('a'..'z', 'A'..'Z', 0..9);
my $randompassword = join '', map $alphanumeric[rand @alphanumeric], 0..8;
print "$randompassword\n"

Save and exit the file. Using the shortcut Ctrl+X and entering Y does the trick.

Now, to run the Perl script in the file, use the command below


5. Using APG

APG which stands for Automatic Password Generator is a command-line utility used for generating secure passwords in Linux systems. An advantage of using APG to generate passwords is that it produces pronounceable passwords.

To install APG on Ubuntu, first, enable the universe repository using the following command

sudo apt-get repository universe

And, now you are ready to install APG using the following command:

To install APG on Ubuntu/Debian, just type the command

sudo apt install apg

For CentOS/RHEL, to install APG utility, enable the EPEL repository,

sudo yum install epel-repository

And now type the following command to install APG in CentOS/RHEL systems,

sudo yum install apg

To install APG on Fedora, use the following command,

sudo dnf install apg

Once the APG is installed, you are now ready to run the apg command to generate strong, pronounceable passwords.


In the output, we can see that APG has generated 6 passwords with the pronunciation of each word in the bracket. All passwords are pronounceable like regular words.

If you want to generate random passwords rather than pronounceable words, just type the following command

apg -a 1

To get more information on APG you can find it using the command below

man apg

6. Using xkcdpass

Xkcdpass is used to generate strong paraphrases. Rather than generating passwords with random characters, xkcdpass generates paraphrases.

To install xkcdpass in Ubuntu/Debian, just type the following command,

sudo apt install xkcdpass

To install xkcdpass in Arch Linux and its variants, use the following command,

sudo pacman -S xkcdpass

Once xkcdpass is installed, we can now run it using the following command in the terminal.


In the output, we can see that there are 6 paraphrases created by default. We can change the number of paraphrases generated by using the “-n” option with the xkcdpass command like below.

xkcdpass -n 4

Now only 4 paraphrases will get created.

To know more about xkcdpass, you can use the following command

man xkcdpass

7. Using the Revelation UI Application

The above methods to create passwords are CLI based, but now we are going to use a UI application called revelation to create passwords in Linux systems.

To install the revelation application, type the following command

sudo apt-get install revelation

When prompted, enter “Y” in the terminal.

Once the application is installed. Open it and you can click on the password generator option which is under the View menu. In the dialog box, the length of the password can be given also if we need special characters in the password we can include that too from the dialog box. Click the generate button to finally generate the password.

To view the passwords, go to View-> Show Passwords. This will view the generated passwords in visual form and not in hidden(asterisk) form.


In the current era, where data is a valuable resource, we should be able to protect our own data from falling into the wrong hands.

Not using the same password on all websites and making each password stronger can avoid unnecessary and unexpected attacks from hackers and malicious attackers.

In this blog, we have seen different ways to generate a strong password in the terminal also in the Linux applications. Using these strong passwords will keep our valuable data safe from prying eyes.

Monitor Your Entire Application with Atatus

Atatus is a Full Stack Observability Platform that lets you review problems as if they happened in your application. Instead of guessing why errors happen or asking users for screenshots and log dumps, Atatus lets you replay the session to quickly understand what went wrong.

We offer Application Performance Monitoring, Real User Monitoring, Server Monitoring, Logs Monitoring, Synthetic Monitoring, Uptime Monitoring and API Analytics. It works perfectly with any application, regardless of framework, and has plugins.

Atatus can be beneficial to your business, which provides a comprehensive view of your application, including how it works, where performance bottlenecks exist, which users are most impacted, and which errors break your code for your frontend, backend, and infrastructure.

If you are not yet a Atatus customer, you can sign up for a 14-day free trial .


#1 Solution for Logs, Traces & Metrics

tick-logo APM

tick-logo Kubernetes

tick-logo Logs

tick-logo Synthetics

tick-logo RUM

tick-logo Serverless

tick-logo Security

tick-logo More

Lydia Kirubai

Lydia Kirubai

I am a technical content writer at Atatus. Reading + Thinking + Writing makes me feel good.