Provided by: nettle-bin_3.4.1-1_amd64 bug


       nettle-pbkdf2 - Command-line password-based key derivation tool.


       nettle-pbkdf2 [OPTIONS] SALT


       This  manual  page  documents  briefly  the  nettle-pbkdf2  command.  This manual page was
       written for the Debian GNU/Linux distribution because the original program does not have a
       manual page.

       nettle-pbkdf2  is  a front-end for Nettle's PBKDF2 (Password-Based Key Derivation Function
       2) implementation. PBKDF2 applies a pseudo-random function to a passphrase together with a
       salt,  producing  a  derived key of arbitrary length. By iterating the process many times,
       feeding the output of each round as the input of the next,  brute-force  cracking  of  the
       password is made to take correspondingly longer time. The use of a salt makes it harder to
       use dictionaries or rainbow tables. As computers  become  more  powerful,  the  number  of
       iterations can be increased without changing the rest of the algorithm.

       The pseudo-random function used by this tool is currently HMAC-SHA256.

       The  password  is  read  from  standard  input and the resulting derived key is written to
       standard output in groups of 16 hexadecimal digits, unless the --raw option is  used.  The
       salt and number of iterations are not included in the output.


       This  program  follows  the usual GNU command line syntax, with long options starting with
       two dashes (`-').  A summary of options is included below.

       -l, --length=length
              Desired output length in octets.

       --raw  Output derived key in raw binary format.

              Specifies that SALT is provided in hexadecimal format.

       --help Show summary of options.

       -V, --version
              Show version of program.




       This manual page was originally written by Magnus Holmgren <>, for  the
       Debian GNU/Linux system (but may be used by others).