How to Generate a Random Secret Using OpenSSL

Overview

I was building a new project recently, and needed to create a new random secret.

I took this as an opportunity to learn about security and brush up on skills like password hashing, salts, cryptographically secure keys, randomness, etc.

After my rabbit hole journey, I got back to the task at hand.

TLDR: Have a Mac? openssl rand -hex 32.

Prerequisites

OpenSSL

On macOS:

brew install openssl

On Windows:

If you have Git installed, use the copy that ships with it (quote the path, since it contains a space):

"C:\Program Files\Git\usr\bin\openssl.exe"

Otherwise, build it yourself: https://github.com/openssl/openssl/blob/master/NOTES-WINDOWS.md

On Ubuntu:

sudo apt install openssl

Generate random secrets

Base64

openssl rand -base64 32

Hex

openssl rand -hex 32
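
The two commands above, wrapped for use in a script: an added example (not part of the original post) that checks the output size and writes the secret to a file only its owner can read. The helper names gen_secret and write_secret and the 16-byte minimum are assumptions made for this example.

```shell
#!/bin/sh
# Added example; gen_secret and write_secret are hypothetical helper names.

# gen_secret FORMAT [NBYTES]: print one secret on stdout.
# FORMAT is hex or base64. NBYTES counts random bytes, not output characters.
gen_secret() {
    fmt=$1
    nbytes=${2:-32}
    case $fmt in
        hex|base64) ;;
        *) echo "gen_secret: format must be hex or base64" >&2; return 2 ;;
    esac
    case $nbytes in
        ''|*[!0-9]*) echo "gen_secret: byte count must be a number" >&2; return 2 ;;
    esac
    # Assumed policy for this example: refuse anything under 16 bytes (128 bits).
    [ "$nbytes" -ge 16 ] || { echo "gen_secret: need at least 16 bytes" >&2; return 2; }

    # Stop if openssl is missing or fails, so an empty value is never used.
    secret=$(openssl rand "-$fmt" "$nbytes") || return 1
    # -base64 wraps long output at 64 characters; join it into one line.
    secret=$(printf '%s' "$secret" | tr -d '\n')

    # hex is 2 characters per byte; base64 is 4 characters per 3 bytes, padded.
    if [ "$fmt" = hex ]; then
        want=$((nbytes * 2))
    else
        want=$(( (nbytes + 2) / 3 * 4 ))
    fi
    [ "${#secret}" -eq "$want" ] || { echo "gen_secret: unexpected length" >&2; return 1; }
    printf '%s\n' "$secret"
}

# write_secret PATH FORMAT [NBYTES]: store a new secret readable only by its owner.
write_secret() {
    new=$(gen_secret "$2" "${3:-32}") || return $?
    # umask 077 inside a subshell creates the file as 0600 without changing
    # the caller's umask. An existing file keeps its old mode, so refuse it.
    [ ! -e "$1" ] || { echo "write_secret: $1 already exists" >&2; return 1; }
    ( umask 077; printf '%s\n' "$new" > "$1" )
}

# Usage: write_secret ./app.secret hex 32
```

With 32 bytes, the hex form is 64 characters and the base64 form is 44 characters including padding.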

Try it out!

If you like rabbit holes, look up OS entropy and random generators.

References and Further Reading

  1. OpenSSL RAND_bytes man page: https://docs.openssl.org/1.0.2/man3/RAND_bytes/
  2. OpenSSL Library: https://openssl-library.org/
  3. Brew OpenSSL: https://formulae.brew.sh/formula/openssl@3
  4. Bcrypt: https://en.wikipedia.org/wiki/Bcrypt