I often have to set up Unix accounts for people. People who will comfortably live their entire lives having no idea what an SSH key is. Getting the password to these people can be a trick if they’re not near me. I often leave the password written on a piece of paper somewhere they can pick it up at their leisure. The problem I kept having was that good passwords always have homograph problems. That, combined with my very bad handwriting, makes using a randomly generated password nearly impossible.

This is the method I came up with which seems to cure that specific aspect of the problem.

echo $( tr -dc 'abdefhqrADEFHLQR2347@#$%&*=?' < /dev/urandom | head -c10 )

In theory this will produce (somewhat) random passwords which can be hand written with very little ambiguity. They’re also obnoxious enough that users tend to change them right away. I’ll let the entropy philosophers debate whether this is a "good" password or not.

Update: I have been informed that Mac’s don’t naturally like my specific command. I have tracked this down to some kind of Unicode issue which requires the following slight modification.

echo $(LC_CTYPE=C tr -dc 'abdefhqrADEFHLQR2347@#$%&*=?' < /dev/urandom | head -c10 )

I have successfully created this function in my ~/.bashrc.

function pwgen {
    export LC_CTYPE=C
    tr -dc 'abdefhqrADEFHLQR2347@#$%&*=?' < /dev/urandom | head -c10
    echo
}