Provided by: nettle-bin_3.9.1-2_amd64
NAME
nettle-pbkdf2 - Command-line password-based key derivation tool.
SYNOPSIS
nettle-pbkdf2 [OPTIONS] SALT
DESCRIPTION
This manual page documents briefly the nettle-pbkdf2 command. This manual page was written for the Debian GNU/Linux distribution because the original program does not have a manual page. nettle-pbkdf2 is a front-end for Nettle's PBKDF2 (Password-Based Key Derivation Function 2) implementation. PBKDF2 applies a pseudo-random function to a passphrase together with a salt, producing a derived key of arbitrary length. By iterating the process many times, feeding the output of each round as the input of the next, brute-force cracking of the password is made to take correspondingly longer time. The use of a salt makes it harder to use dictionaries or rainbow tables. As computers become more powerful, the number of iterations can be increased without changing the rest of the algorithm. The pseudo-random function used by this tool is currently HMAC-SHA256. The password is read from standard input and the resulting derived key is written to standard output in groups of 16 hexadecimal digits, unless the --raw option is used. The salt and number of iterations are not included in the output.
OPTIONS
This program follows the usual GNU command line syntax, with long options starting with two dashes (`-'). A summary of options is included below. -l, --length=length Desired output length in octets. --raw Output derived key in raw binary format. --hex-salt Specifies that SALT is provided in hexadecimal format. --help Show summary of options. -V, --version Show version of program.
SEE ALSO
mkpasswd(1), https://en.wikipedia.org/wiki/PBKDF2
AUTHOR
This manual page was originally written by Magnus Holmgren <holmgren@debian.org>, for the Debian GNU/Linux system (but may be used by others).