(play with it online here)
This is my version of 'hashapass' (see http://hashapass.com/cmd.html). The main differences are:
- our keys default to 14 characters, not 8
- but you can choose any key length you want
- what they call "parameter" we call "domain name" or "domain"
- we may suffix a "salt" to the domain. See below for why we use a salt.
If you want to compare 'hap' to hashapass command line, this one is, in bash:
echo -n "$domain$salt" |
openssl sha1 -binary -hmac "$mp" |
openssl base64 |
cut -c1-${pwlen:-14}
The salt helps when you are forced to change passwords for a domain. It effectively makes the domain name different. Note that the salt does NOT have to be kept secret, in terms of security.
If $DISPLAY is set, this program also uses the 'xsel' command to dump the generated password into the X selection buffer, and then -- once you hit enter to confirm you're done -- to clear it out.