RADCRYPT(8)		    System Manager's Manual		   RADCRYPT(8)



NAME
       radcrypt  -  generate password hash for use with radius, or validates a
       password hash

SYNOPSIS
       radcrypt   [-d|--des]   [-m|--md5]   [-c|--check]    plaintext_password
       [hashed_password]

DESCRIPTION
       radcrypt generates a hashed digest of a plaintext password, or can val-
       idate if a password hash matches a  plaintext  password.  DES  and  MD5
       hashes  are currently supported. When generating a password hash a ran-
       dom salt is generated and applied.

       A hashed password can be validated by  specifying  -c  or  --check  and
       passing	hashed_password  after plaintext_password on the command line.
       In this case hashed_password will be  checked  to  see  if  it  matches
       plaintext_password.  If	so  "Password OK" will be printed and the exit
       status will be 1, otherwise "Password BAD" will	be  printed  and  exit
       status  will  be  0  (Note  this is the opposite of a normal successful
       shell status).


OPTIONS
       -d --des
	      Use a DES (Data Encryption Standard) hash (default).  Ignored if
	      performing a password check.

       -m --md5
	      Use  a  MD5  (Message  Digest  5) hash.  Ignored if performing a
	      password check.

       -c --check
	      Perform a validation check on a password hash to	verify	if  it
	      matches the plantext password.


EXAMPLES
       $ radcrypt foobar
       HaX0xn7Qy650Q
       $ radcrypt -c foobar HaX0xn7Qy650Q
       Password OK

SEE ALSO
       radiusd(8), crypt(3)

AUTHORS
       Miquel van Smoorenburg <miquels@cistron-office.nl>



								   RADCRYPT(8)