Generate a random string
Produce a fixed-length random ASCII string — useful for tokens, slugs, file suffixes, and test fixtures.
How to generate a random string in each shell
Bashunix
LC_ALL=C tr -dc 'A-Za-z0-9' < /dev/urandom | head -c 16; echoZshunix
LC_ALL=C tr -dc 'A-Za-z0-9' < /dev/urandom | head -c 16; echoFishunix
env LC_ALL=C tr -dc 'A-Za-z0-9' < /dev/urandom | head -c 16; and echoPowerShellwindows
-join ((48..57) + (65..90) + (97..122) | Get-Random -Count 16 | ForEach-Object {[char]$_})`Get-Random -Count` on pwsh 5.1 samples WITHOUT replacement from the input array, so requesting 16 from a 62-element charset is fine; requesting more than the array length silently returns only the available items. For sampling WITH replacement (each draw independent) use `1..16 | ForEach-Object { Get-Random -Maximum 62 } | …`.
cmd.exewindows
powershell -NoProfile -Command "-join ((48..57) + (65..90) + (97..122) | Get-Random -Count 16 | ForEach-Object {[char]$_})"Equivalents listed for Bash, Zsh, Fish, PowerShell, cmd.exe.
Gotchas & notes
- `LC_ALL=C` is LOAD-BEARING. Without it, on UTF-8 locales (every modern macOS / most Linux) `tr` treats `/dev/urandom`'s arbitrary bytes as multi-byte UTF-8 sequences and either errors (`tr: Illegal byte sequence` on macOS BSD) or silently drops valid alphanum runs. `LC_ALL=C` forces byte-by-byte interpretation — the only correct mode when piping `/dev/urandom`.
- Quick variants by encoding: hex (cryptographic): `openssl rand -hex 16` (32 chars). base64 URL-safe: `openssl rand -base64 16 | tr -d "/+=" | head -c 16`. UUID-like: `uuidgen | tr -d -`. Pick by downstream consumer — hex is safest for URLs/filenames; base64 is denser but `/+=` cause URL issues; alphanum is the slowest to type but works everywhere.
- pwsh 5.1 `[System.Web.Security.Membership]::GeneratePassword(N, 0)` produces a crypto-quality alphanum-and-symbol string (requires `Add-Type -AssemblyName System.Web`). For URL-safe random IDs: `[Convert]::ToBase64String((New-Object byte[] 12 | %{$_; [Security.Cryptography.RandomNumberGenerator]::Fill($_)})).TrimEnd("=").Replace("+","-").Replace("/","_")`. Or use the cleaner `Get-Random` for non-crypto identifiers and don't mix the two paths.
- `head -c 16` is BYTES not characters. With ASCII alphanum charsets they coincide (1 byte = 1 char). On a charset including multi-byte UTF-8 chars (`€` is 3 bytes) you'll get fewer than 16 characters. For character-count-aware truncation on macOS use `awk '{print substr($0,1,16)}'`; on Linux `cut -c -16`.
Related commands
Related tasks
- Generate a random password— Produce a strong random password from the command line — cryptographic-quality, not `$RANDOM`.
- Generate a random number— Pick a random integer in a range — useful for sampling, sleep jitter, or simulation seeds.
- Generate a UUID— Mint a random version-4 UUID (or, when ordering matters, a time-sortable UUIDv7) — for primary keys, idempotency tokens, request IDs, and any place a globally-unique identifier is needed without coordinating with a central allocator.
- Hash a file— Compute a cryptographic checksum (SHA-256 by default, MD5 / SHA-1 for legacy interop) of a file's bytes — for verifying downloads, deduplicating, comparing against a published manifest, or generating cache-bust keys.