How to Generate a Strong Pre-shared Key on Linux

Secure pre-shared key

A PSK, or pre-shared key, is a password made up of a random string of characters while encrypting and decrypting data. As the name implies, both parties engaged in the cryptographic process are aware of the key in advance, as it is required not only for decryption but also for encrypting the data.

Hackers can’t take our data over a network if we use pre-shared keys during data transfer., which is important because our security is at risk practically all of the time. Using a PSK while sharing data also ensures that only the people you wish to share it with have access to it.

In this article, I am going to explain the ways to generate the PSK keys on Ubuntu Linux with examples and commands.

Generate strong PSK on Linux

With date and sha256sum

Users can see information about the system date and time with the date command in Linux. This command can produce strong keys for security purposes, which not everyone is aware of. When you combine the date command with sha256sum and base, you’ll get a set of random keys that you may use as a PSK to encrypt data.

ubuntu@server2:~$ date | sha256sum | base64 | head -c 15; echo
ubuntu@server2:~$ date | sha256sum | base64 | head -c 25; echo
ubuntu@server2:~$ date | sha256sum | base64 | head -c 35; echo

Pre shared key - PSK

Here, the given command will print the output of 15, 25, and 35 bytes preshared keys(PSK). The head command will read the bytes and display them in the output. If the head command is removed from the command then the system will print the 92 bytes long string as PSK.

With Pseudorandom Number

The /dev/random and /dev/urandom files in the Linux operating system contain several random number generators. In Linux, they are special files that act as pseudorandom number generators. Both /dev/random and /dev/urandom create random numbers using the Linux entropy pool. Entropy is the noise collected from the environment, such as the CPU fan, mouse movements, and so on. On a Linux system, the noise is stored in the entropy pool, which is then utilized by these files. When these random integers are paired with the base64 command, strong character combinations appropriate for use as a pre-shared key can be generated.

ubuntu@server2:~$ head -c 20 /dev/random | base64
ubuntu@server2:~$ head -c 30 /dev/random | base64

Use pseudo random numbers to create PSK

Note: The -c option used in the command with the head command is for the generation of keys in character.

With GPG utility

The GNU Privacy Guard, or GPG, on a Linux system, is a well-known utility for encrypting and decrypting files. However, you can use the program to generate strong pre-shared keys as well. You can use the gpg command’s – -gen-random method with base64 encoding to generate an infinite number of characters to use as pre-shared keys.

In the following commands, 1 is the quality level and 10, 20, 32, 64, and 128 are the bytes.

ubuntu@server2:~$ gpg - - gen-random 1 10 | base64
ubuntu@server2:~$ gpg - - gen-random 1 20 | base64
ubuntu@server2:~$ gpg - - gen-random 1 32 | base64
ubuntu@server2:~$ gpg - - gen-random 1 64 | base64
ubuntu@server2:~$ gpg - - gen-random 1 128 | base64

Use GPG to generate a strong pre-shared key

 

Note: You can also use 2 as a quality level as shown below:

ubuntu@server2:~$ gpg - - gen-random 2 100 | base64

GPG generate random string

With OpenSSL command

OpenSSL is a well-known and widely-used command-line application for accessing the cryptographic capabilities of the OpenSSL crypto library from the shell. Use the rand sub-command to construct a strong PSK, which generates pseudo-random bytes and filters them through base64 encodings as indicated below.

To generate a 32-bytes, 64-bytes, and 128-bytes long pre-shared keys using the OpenSSL command:

ubuntu@server2:~$ openssl rand -base64 32
ubuntu@server2:~$ openssl rand -base64 64
ubuntu@server2:~$ openssl rand -base64 128

Use openssl to create a secure random string

Conclusion

In this guide, we have shown you different ways and commands to create secure pre-shared keys and passwords. Thank you for checking it out!!