A cikin labarin na gaba zamuyi la'akari da wasu hanyoyi zuwa samar da kalmomin shiga masu karfi daga tashar. A yau, mahimmancin kalmar sirri mai tsaro wacce ta ƙunshi haruffa da yawa, alamomi, lambobi, da dai sauransu, an ƙarfafa su sosai da kuma amfani da su, don ƙarfafa shi kuma ba zama mai sauƙi ba ga wasu yayin samun bayananmu.
Kowa ya san cewa a yau yawancin dandamali suna tambayar mu kalmar sirri don samun damar ayyukansu, namu imel, samun damar shiga intanet din ofis, shiga bankuna, da sauransu, kuma idan bamu da m kalmar sirri, ko ba dade ko ba jima zamu iya samun manyan matsalolin tsaro.
Abubuwan da aka saba la'akari dasu don ƙirƙirar amintacce, kwanciyar hankali da ƙarfi kalmar sirri sune masu zuwa:
- Dole ne mu yi amfani da alamomi, lambobi, manyan haruffa da ƙananan haruffa.
- Kada ayi amfani da ranaku masu muhimmanci ko na jama'a, lambobin tarho, lambobin takaddun shaida, da sauransu.
- Kyakkyawan kalmar sirri ya kamata suna da haruffa da yawa. Ta wannan da bin abubuwan da muka yi la'akari da su a baya za mu iya sanya kalmar sirri ta "kusan" ba za a iya gano su ba.
Lokacin da zamu shigar da kalmar wucewa akan ɗayan na'urorinmu, gabaɗaya muna amfani da wanda ke da saukin tunawa. Ba lallai ba ne a faɗi, wannan yana ɗauka a lokuta da yawa babbar matsalar tsaro hakan yana baiwa masu kutse damar amfani dasu ta hanyar bayanan da suka sani game da mu ko kuma ta hanyar kai hare-hare ta karfi. Don inganta wannan tsaro, dole ne muyi amfani da ƙarin matakan tsaro, kamar amfani da bazuwar kalmomin shiga cewa zamu iya samar da kayan aiki daban-daban.
Nan gaba zamu ga hanyoyi daban-daban wanda zamu iya ƙirƙirar kalmomin shiga bazuwar ta hanyar tashar Ubuntu, ba tare da buƙatar ƙarin software ba. Waɗannan kalmomin shiga na iya zama cikakke mai amfani ga duk ayyukan da suke buƙata kalmar sirri mai ƙarfi. Ba sai an fada ba cewa kalmomin shiga da aka kirkira ba su da wahalar tunawa, saboda haka dole ne mu sami hanyar da za mu kiyaye su a sauƙaƙe.
Yadda ake samar da kalmomin shiga masu karfi a cikin Ubuntu
Don rubuta wannan labarin Ina amfani da Ubuntu 16.04. A cikin Gnu / Linux muna da wasu kayan aikin da suke bamu ikon ƙirƙirar amintaccen kalmar sirri ta atomatik.
Idan ba mu da waɗannan kayan aikin, za mu iya girka su ta amfani da jerin umarni masu zuwa a cikin tashar (Ctrl + Alt + T):
sudo apt install gnupg2 && sudo apt install openssl
GPG
Idan muna so ƙirƙirar kalmar sirri ta amfani GPG, za mu aiwatar da umarni mai zuwa:
gpg --gen-random --armor 1 32
OpenSSL
Idan mun fi so amfani OpenSSL don samar da amintaccen kalmar sirri, dole ne muyi amfani da umarni mai zuwa:
openssl rand -base64 32
KASHE
Sauran zaɓi cewa za mu iya amfani da su don samar da amintaccen kalmar sirri ɗinmu APG, Raguwa na Generator Kalmar wucewa ta atomatik Ya zo an shigar dashi a cikin Ubuntu da ƙananan abubuwansa. Don ƙaddamar da umarnin kawai zamu rubuta a cikin m (Ctrl + Alt T):
apg
Shiri ne da aka tsara don samar da kalmomin shiga "abin haddacewa". Idan kawai ka tafiyar da shi, zai nemeka jerin bayanan da zakuyi aiki dasu, kuma bisa hakan zai samar da kalmar sirri "mai haddacewa." Da wannan nake nufi kusa da kalmar sirri zai nuna mana rubutun sauti don haka zamu iya tuna kalmar sirri.
Umarni don tashar
Toari ga kayan aikin da muka gani yanzu, za mu kuma iya amfani da jerin yayi umarni wanda zai samar da kalmomin shiga bazuwar. Dole ne kawai ku rubuta ɗayan waɗannan layi a cikin tashar (Ctrl + Alt + T):
date +%s | sha256sum | base64 | head -c 32 ; echo
< /dev/urandom tr -dc _A-Z-a-z-0-9 | head -c${1:-32};echo;
tr -cd '[:alnum:]' < /dev/urandom | fold -w30 | head -n1
strings /dev/urandom | grep -o '[[:alnum:]]' | head -n 30 | tr -d '\n'; echo
< /dev/urandom tr -dc _A-Z-a-z-0-9 | head -c32
dd if=/dev/urandom bs=1 count=32 2>/dev/null | base64 -w 0 | rev | cut -b 2- | rev
</dev/urandom tr -dc '12345!@#$%qwertQWERTasdfgASDFGzxcvbZXCVB' | head -c32; echo ""
randpw(){ < /dev/urandom tr -dc _A-Z-a-z-0-9 | head -c${1:-16};echo;} && randpw
Kowane lokaci da muka aiwatar da ɗaya daga cikin waɗannan umarnin, kalmar sirri da za ta ƙirƙiro za ta bambanta ƙwarai kuma ba za ta kasance da alaƙa da wani abin da aka samar a baya ba.
Yadda ake bincika ƙarfin kalmar sirri a cikin Ubuntu
Mutane da yawa na iya yin tunanin cewa kalmar sirri da kake amfani da ita tana da ƙarfi. Don bincika idan wannan gaskiya ne, za mu buƙaci shigar da aikace-aikacen da ake kira cracklib. Shin yayi nazarin dukkan bangarorin kalmar sirri kuma ya bamu sakamako. Don shigar da cracklib akan Ubuntu ko Debian zamuyi amfani da wannan umarnin:
sudo apt-get install libcrack2
Saita kalmar sirri
Da zarar an shigar da aikace-aikacen za mu yi amfani da cracklib-duba ma'auni don bincika matsayin kalmar sirri. Misali, zamu binciki kalmar wucewa mai sauki kuma sananne. A cikin tashar za mu rubuta:
echo "1234abc" | cracklib-check
Hakanan zamu iya bincika kalmar sirri mai ƙarfi ta amfani da:
cat|cracklib-check
Dole ne muyi kwafa kalmar wucewa don inganta a cikin tashar kuma wannan umarnin zai nuna mana sakamakon. Idan sakamakon yana da kyau yana nuna cewa kalmar sirrinmu tana da aminci, yanzu, dole ne mu kiyaye kuma mu sanya wannan kalmar sirri a cikin amintaccen wuri, idan har mun manta da shi.
Matsaloli da ka iya yiwuwa
Zamu iya samun wasu sakamako yayin nazarin kalmar sirri. Wasu misalai sune masu zuwa:
- Ya yi guntu da yawa
- Ya dogara da kalma a cikin ƙamus
- Ya dogara da sunan mai amfani