OnWorks favicon

gen-auth - Online in the Cloud

Run gen-auth in OnWorks free hosting provider over Ubuntu Online, Fedora Online, Windows online emulator or MAC OS online emulator

This is the command gen-auth that can be run in the OnWorks free hosting provider using one of our multiple free online workstations such as Ubuntu Online, Fedora Online, Windows online emulator or MAC OS online emulator



gen-auth - generate various authentication strings


gen-auth [--help|--version] | <type> ...


gen-auth is tool to assist in all kinds of authentication / encoding / decoding /
encrypting tasks. It began life as an smtp-specific tool, but has drifted in
functionality over time.

The program actions are broken down into types of encoding to generate. Each <type> then
takes its own specific args. The arguments are expected in a specific order on the
command line. Every argument that isn't available on the command line will be prompted
for. One benefit to this is arguments corresponding to passwords will not be echoed to
the terminal when prompted for.


The program action is controlled by the first argument. The meaning of the following
arguments is specified by this type

PLAIN <username> <password>
This type generates a PLAIN (RFC 2595) authentication string. It accepts supplemental
arguments of username and password. It generates a Base64 encoded string

LOGIN <username> <password>
This method accepts username and password as supplemental args. It simply returns
each string Base64 encoded. This provides only minimal advantages over using ENCODE
twice. One advantage is hiding the password if you provide it on STDIN

CRAM-MD5 <username> <password> <challenge>
CRAM-MD5 (RFC 2195) accepts three supplemental arguments. The first is the username
and the second is the password. The third is the challenge string provided by the
server. This string can be either Base64 encoded or not. The RFC states that all
(unencoded) challenge strings must start w/ '<'. This is used to whether the string
is Base64 encoded or not.

CRAM-MD5 uses the challenge and the supplied password to generate a digest. it then
returns the Base64 encoded version of the string md5("<username> <challenge>")

This authentication method requires the Digest::MD5 perl module to be installed.

CRAM-SHA1 <username> <password> <challenge>
This behaves the same as CRAM-MD5 but uses SHA1 digesting rather than MD5.

This authentication method requires the Digest::SHA1 perl module to be installed.

NTLM/SPA/MSN <username> <password> <domain> <challenge>
Although it may be advertised as one of the above types, this method of authentication
if refered to singularly as NTLM. This is a multi-step authentication type. The
first 3 arguments must be supplied up front. They are username, password, and domain,
in that order. These three strings are used to generate an "Auth Request" string.
This string should be passed verbatim to the server. The server will then respond
with a challenge. This challenge is the fourth argument. After receiving the server
challenge, gen-auth will produce an "Auth Response". Posting this response to the
server completes the NTLM authentication transaction.

This authentication method requires the Authen::NTLM perl module to be installed. See
EXAMPLES for an example of this transaction. Note also that 'domain' is often blank
from client or ignored by server.

HTTP-BASIC <username> <password>
Returns the value base64("<username>:<password>"). Used for HTTP Basic authentication
(RFC 2617). Used by adding a header "Authorization: Basic <string>" to a HTTP request
where <string> is the output of this command.

APOP <challenge> <password>
This implements the APOP authentication for the POP3 protocol as described in RFC
1939. <challenge> is the challenge string presented by the POP3 server in the
greeting banner. <password> is the "secret" (usually a password) used to authenticate
the user. This method returns a digest md5("<challenge><password>"). This can be
used to authenticate to a POP3 server in a string like "APOP <user> <digest>" where
<digest> is the string generated by this command.

APOP required the Digest::MD5 perl module.

ENCODE <string>
Simply Base64 encodes a plaintext string. Provided as a convenience function.

DECODE <string>
Decodes a Base64 encoded string. Provided as a convenience function.

MD5/MD5-HEX <string>
Provides an MD5 digest of the supplied string in hex.

MD5-BASE64 <string>
Provides an MD5 digest of the supplied string in Base64.

ENCRYPT <string>
Returns a crypt(3) string generated from the input string.

SALTENCRYPT <string> <salt>
Same as ENCRYPT but you provide the salt as the second argument. See crypt(3) man
page for details.

ROT13 <string>
This performs a rot13 action on <string>. This implementation only performs the
action on ASCII 65-90,97-123. Any other character value is left untouched. Therefore
this method is primarily for LOCALE=C, ASCII only. Feel free to send patches if you
care to have it work in another setting.

ATBASH <string>
This performs an atbash action on <string>. Atbash mirrors a string such that
'a'=='z', 'b'=='y', etc. See the comments on locale and character set under ROT13.


-s Supresses echo on all input fields read from standard input. If this option is not
used, echo is suppressed on fields which are known to be password fields but this may
not be secure enough.

this screen.

version info.


generate a PLAIN AUTH string for user 'tim', password 'tanstaaftanstaaf'
> gen-auth plain tim tanstaaftanstaaf
Auth String: AHRpbQB0YW5zdGFhZnRhbnN0YWFm

generate a CRAM-MD5 string for user 'tim', password 'tanstaaftanstaaf', challenge
'<[email protected]>', using prompt to hide password
> gen-auth cram-md5
username: tim
challenge: PDE4OTYuNjk3MTcwOTUyQHBvc3RvZmZpY2UucmVzdG9uLm1jaS5uZXQ+

use the DECODE method to ensure we provided the correct output in our last example
> gen-auth decode dGltIGI5MTNhNjAyYzdlZGE3YTQ5NWI0ZTZlNzMzNGQzODkw
tim b913a602c7eda7a495b4e6e7334d3890

use the NTLM (MSN) method to authenticate to a mail server using user 'tim', password
'tanstaaftanstaaf', and domain MAIL. Both the gen-auth transaction and SMTP transaction
are shown to demonstrate the interaction between the two.
334 NTLM supported
235 Authentication succeeded

> gen-auth spa
username: tim
domain: MAIL


Required for all functionality

Required for MD5, MD5-BASE64, CRAM-MD5, APOP

Required for CRAM-SHA1

Required for NTLM/MSN/SPA


0 - no errors occurred
1 - unrecognized type specified


[email protected]

Use gen-auth online using onworks.net services

Free Servers & Workstations

Download Windows & Linux apps

Linux commands

  • 1
    4g8 - Packet Capture and Interception
    for Switched Networks ...
    Run 4g8
  • 2
    4s-admin � 4store cluster management
    tool ...
    Run 4s-adminJ
  • 3
    cpipe - copy stdin to stdout while
    counting bytes and reporting progress ...
    Run cpipe
  • 4
    cplay - a front-end for various audio
    players ...
    Run cplay
  • 5
    g.ppmtopng - Converts between PPM/PGM
    and PNG image formats. KEYWORDS:
    general, display ...
    Run g.ppmtopnggrass
  • 6
    g.proj - Prints or modifies GRASS
    projection information files (in various
    co-ordinate system descriptions). Can
    also be used to create new GRASS
    locations. KE...
    Run g.projgrass
  • More »