A PSK, or pre-shared key, is a password made up of a random string of characters while encrypting and decrypting data. As the name implies, both parties engaged in the cryptographic process are aware of the key in advance, as it is required not only for decryption but also for encrypting the data.
Hackers can’t take our data over a network if we use pre-shared keys during data transfer., which is important because our security is at risk practically all of the time. Using a PSK while sharing data also ensures that only the people you wish to share it with have access to it.
In this article, I am going to explain the ways to generate the PSK keys on Ubuntu Linux with examples and commands.
Generate strong PSK on Linux
With date and sha256sum
Users can see information about the system date and time with the date command in Linux. This command can produce strong keys for security purposes, which not everyone is aware of. When you combine the date command with sha256sum and base, you’ll get a set of random keys that you may use as a PSK to encrypt data.
ubuntu@server2:~$ date | sha256sum | base64 | head -c 15; echo ubuntu@server2:~$ date | sha256sum | base64 | head -c 25; echo ubuntu@server2:~$ date | sha256sum | base64 | head -c 35; echo
Here, the given command will print the output of 15, 25, and 35 bytes preshared keys(PSK). The head command will read the bytes and display them in the output. If the head command is removed from the command then the system will print the 92 bytes long string as PSK.
With Pseudorandom Number
The /dev/random and /dev/urandom files in the Linux operating system contain several random number generators. In Linux, they are special files that act as pseudorandom number generators. Both /dev/random and /dev/urandom create random numbers using the Linux entropy pool. Entropy is the noise collected from the environment, such as the CPU fan, mouse movements, and so on. On a Linux system, the noise is stored in the entropy pool, which is then utilized by these files. When these random integers are paired with the base64 command, strong character combinations appropriate for use as a pre-shared key can be generated.
ubuntu@server2:~$ head -c 20 /dev/random | base64 ubuntu@server2:~$ head -c 30 /dev/random | base64
Note: The -c option used in the command with the head command is for the generation of keys in character.
With GPG utility
The GNU Privacy Guard, or GPG, on a Linux system, is a well-known utility for encrypting and decrypting files. However, you can use the program to generate strong pre-shared keys as well. You can use the gpg command’s – -gen-random method with base64 encoding to generate an infinite number of characters to use as pre-shared keys.
In the following commands, 1 is the quality level and 10, 20, 32, 64, and 128 are the bytes.
ubuntu@server2:~$ gpg - - gen-random 1 10 | base64 ubuntu@server2:~$ gpg - - gen-random 1 20 | base64 ubuntu@server2:~$ gpg - - gen-random 1 32 | base64 ubuntu@server2:~$ gpg - - gen-random 1 64 | base64 ubuntu@server2:~$ gpg - - gen-random 1 128 | base64
Note: You can also use 2 as a quality level as shown below:
ubuntu@server2:~$ gpg - - gen-random 2 100 | base64
With OpenSSL command
OpenSSL is a well-known and widely-used command-line application for accessing the cryptographic capabilities of the OpenSSL crypto library from the shell. Use the rand sub-command to construct a strong PSK, which generates pseudo-random bytes and filters them through base64 encodings as indicated below.
To generate a 32-bytes, 64-bytes, and 128-bytes long pre-shared keys using the OpenSSL command:
ubuntu@server2:~$ openssl rand -base64 32 ubuntu@server2:~$ openssl rand -base64 64 ubuntu@server2:~$ openssl rand -base64 128
In this guide, we have shown you different ways and commands to create secure pre-shared keys and passwords. Thank you for checking it out!!