apg

Create random passwords (default password length is 8)

$ apg

$ apg -M SNCL

$ apg -m [16]

$ apg -x [16]

$ apg -r [path/to/dictionary_file]

apg [-q] [-M mode] [-m min-len] [-x max-len] [-n num] [-E chars] [-I chars] [-S trigraph] [-a algo] [-t table] [-d dict] [trigraph]

-q
    Quiet mode: suppress hints and interactive prompts

-M mode
    Generation mode: 1=pronounceable, 2=random, 3=pronounceable+digits

-m num
    Minimum password length (default: 12/8)

-x num
    Maximum password length

-n num
    Number of passwords to generate (default: 6/10)

-E chars
    Characters to exclude (default: '1I0O')

-I chars
    Characters to include only

-S trigraph
    Start generation with trigraph (interactive)

-a algo
    Entropy algorithm: 1=MD5, 2=SHA, 3=/dev/random, 4=/dev/urandom, 5=crypt, 6=uuencode

-t file
    Trigraph table file (default: /usr/share/apg/trigraph.table)

-d file
    Hint dictionary file (default: /usr/share/apg/dict)

--help
    Display usage summary

--version
    Show version info

APG (Automated Password Generator) is a Linux command-line tool for creating strong, human-memorable passwords. It uses trigraph tables—collections of common three-letter combinations—to produce pronounceable strings that resist dictionary attacks while being easy to recall. By default, it generates passwords with mnemonic hints from a dictionary file, helping users remember them. Key features include customizable length ranges, character exclusion/inclusion (e.g., avoiding ambiguous '0','O','1','l'), multiple generation modes (pronounceable, random, or alphanumeric-mixed), and support for various entropy sources like MD5, SHA, or /dev/random. Ideal for sysadmins generating user or service passwords, it balances security and usability. Output includes the password and a hint like a dictionary phrase. Custom tables and dictionaries allow tailoring. Though not always pre-installed, available via apt install apg or equivalents. For ultra-secure keys, prefer tools like openssl rand.

Entropy quality depends on system sources; use -a 3 for best randomness.
Passwords are console-printed; capture output securely.
Not installed by default; install via package manager.
Avoid for cryptographic keys—use openssl instead.

apg -n 5 -m 10
Generate 5 pronounceable passwords ≥10 chars with hints.

apg -M 2 -n 3 -x 16 -E 'aeiou'
3 random passwords ≤16 chars, no vowels.

apg -q -a 3
One quiet password using /dev/random.

Trigraphs: /usr/share/apg/trigraph.table
Dictionary: /usr/share/apg/dict
Paths vary by distro.

Developed by Alexander Veselov (thePapath) starting ~2001; hosted on SourceForge. Remains in repos like Debian/Ubuntu for legacy use.

pwgen(1), mkpasswd(1), openssl(1)