Automic VaultAutomic Vault

brew

Install john with Homebrew, apk, apt, dnf, MacPorts, Nix, pacman, zypper

Featureful UNIX password cracker. Version 1.9.0 via Homebrew; verified 2026-06-19.

install

Additional install commands

macOS

Homebrewverified · 100%
brew install john

local Homebrew formula metadata

MacPortsverified · 94%
sudo port install john

MacPorts ports tree · sysutils/john/Portfile · source: api.github.com

Linux

Alpine Linux apkverified · 92%
sudo apk add john

Alpine Linux edge package indexes · john · source: dl-cdn.alpinelinux.org

Debian aptverified · 92%
sudo apt install john

Debian stable package indexes · john · source: deb.debian.org

Fedora dnfverified · 92%
sudo dnf install john

Fedora Rawhide package metadata · john · source: dl.fedoraproject.org

Nixverified · 92%
nix profile install nixpkgs#john

nixpkgs package indexes · pkgs/by-name/jo/john/package.nix · source: api.github.com

Arch Linux pacmanverified · 92%
sudo pacman -S john

Arch Linux sync databases · john · source: geo.mirror.pkgbuild.com

openSUSE zypperverified · 92%
sudo zypper install john

openSUSE Tumbleweed package metadata · john · source: download.opensuse.org

overview

Package summary

Featureful UNIX password cracker

Commands and aliases

  • john
  • unafs
  • unique
  • unshadow

history

Project history and usage

John the Ripper is a classic open-source password security auditing and recovery tool. Its core identity is a fast Unix password cracker, but the Openwall documentation also presents it as a cross-platform tool for many Unix-like systems, macOS, Windows, DOS, BeOS, and OpenVMS.

Project history

According to Solar Designer on the Openwall john-users list, John the Ripper 1.0 was released in 1996 as a DOS replacement for Cracker Jack, built with DJGPP and optimized for 486 and Pentium systems. The same account says the incremental-mode prototypes date to 1995, the project became open source in 1997, and the 1.5 rewrite in 1998 formed the basis of later releases.

Openwall's project page separates core John from Jumbo: the core release is the smaller, more conservative line, while Jumbo carries broader community functionality. The openwall/john GitHub repository was created in 2011 and serves the development source referenced from the official homepage.

Adoption history

John became part of Unix security practice because it automated weak-password detection against common crypt(3) hashes and later gained support for Kerberos/AFS, Windows LM, DES tripcodes, and many additional formats. Openwall notes that John is included in Owl, Debian, Fedora, Gentoo, Mandriva, SUSE, and BSD ports or packages.

Homebrew keeps a separate john formula for the core package, conflicting with john-jumbo so users choose between the conservative package and the enhanced branch.

How it is used

The core workflow is to feed John password hashes, let it identify or be told a format, crack with wordlist, single, or incremental modes, and save cracked values to john.pot. Related tools such as unshadow and unique support the Unix password-auditing workflow around the main john executable.

Why package nerds care

John is one of the packages that makes Unix security tooling feel like a package-manager canon item: tiny command name, long history, distro ubiquity, and a split between core stability and Jumbo reach. For maintainers, it is also a reminder that packaging security tools means preserving documentation, wordlists, CPU optimizations, and legal/licensing details alongside the executable.

Timeline

  • 1995: Incremental-mode prototypes were written on Unix-like systems.
  • 1996: John the Ripper 1.0 was released for DOS.
  • 1997: John the Ripper became open source.
  • 1998: Version 1.5 rewrote the codebase used by later versions.
  • 2002: The code was imported into CVS for further maintenance as part of Owl.
  • 2011: The openwall/john GitHub repository was created.
  • 2019: Openwall released John the Ripper 1.9.0 core.

Related projects

  • Related projects include John the Ripper Jumbo, John the Ripper Pro, Openwall wordlists, yescrypt, crypt_blowfish, passwdqc, Hash Suite, Hash Suite Droid, and Johnny, the Openwall GUI frontend.

security posture

Risk level: red

credential attack tooling.

Risk classifier

red risk · high confidence · escape-surveillance-offensive

Why

  • credential attack tooling

Signals

  • override:john

Install behavior

  • No Homebrew post-install hook is recorded in formula metadata.
  • Homebrew bottle metadata is available for 8 platform targets.

Recommended review

Before unattended agent use, check whether the tool reads plaintext credentials, writes remote state, publishes artifacts, or shells out to plugins.

executables

Installed executables

CommandKindExposureNote
johncliglobal executable
unafscliglobal executable
uniquecliglobal executable
unshadowcliglobal executable

freshness

Version and freshness

These signals separate page generation age, package-manager activity, and upstream release comparison. Version lag is warned only when an evidence URL and comparable versions are present.

page generated2026-07-08
manager version1.9.0
manager updated2026-06-19
local dataok
upstreamnot checked
latest detectednot detected

https://www.openwall.com/john/

install metadata

Package metadata

Package keybrew:john
Version1.9.0
Package managerHomebrew
Package manager pagehttps://formulae.brew.sh/formula/john
Homepagehttps://www.openwall.com/john/
Repositoryhttps://github.com/openwall/john
Upstream docshttps://github.com/openwall/john
LicenseGPL-2.0-or-later
Source archivehttps://www.openwall.com/john/k/john-1.9.0.tar.xz
Last updated2026-06-19T12:31:21-07:00
Pulseupdated
Uses from macOSlibxcrypt
Bottleavailable (on arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, arm64_ventura, sonoma, ventura, x86_64_linux)
Homebrew post-installnot defined
Servicenone declared

registry facts

Source database details

Source DatabaseHomebrew formula API
Taphomebrew/core
Full Namejohn
Version Scheme0
Revision1
Conflicts With
  • john-jumbo
Bottle Stable Root URLhttps://ghcr.io/v2/homebrew/core
Deprecatedno
Disabledno
Keg Onlyno
URL Keys
  • stable

source database matches

Other package-manager records

Matches are pulled from external package-manager indexes and kept separate from local Automic Vault package links.

Debian apt95%

john 1.9.0-2

active password cracking tool

http://www.openwall.com/john/

sudo apt install john
  • Section: admin
  • Architecture: amd64
  • 4 dependencies
  • 1 optional deps
  • normalized package name match
  • Matched by: John
Debian stable package indexes · deb.debian.org · Debian stable package indexes: john from https://deb.debian.org/debian/dists/stable/main/binary-amd64/Packages.xz
Debian apt95%

john-data 1.9.0-2

active password cracking tool - character sets

http://www.openwall.com/john/

sudo apt install john-data
  • Section: admin
  • Architecture: all
  • Source Package: john
  • normalized package name match
  • Matched by: John
Debian stable package indexes · deb.debian.org · Debian stable package indexes: john-data from https://deb.debian.org/debian/dists/stable/main/binary-amd64/Packages.xz
Nix95%

john

nix profile install nixpkgs#john
  • normalized package name match
  • Matched by: John
nixpkgs package indexes · api.github.com · nixpkgs package indexes: pkgs/by-name/jo/john/package.nix from https://api.github.com/repos/NixOS/nixpkgs/git/trees/master?recursive=1
Ubuntu apt95%

john 1.9.0-2build1

active password cracking tool

http://www.openwall.com/john/

sudo apt install john
  • Section: admin
  • Architecture: amd64
  • 4 dependencies
  • 1 optional deps
  • normalized package name match
  • Matched by: John
Ubuntu 24.04 LTS package indexes · archive.ubuntu.com · Ubuntu 24.04 LTS package indexes: john from https://archive.ubuntu.com/ubuntu/dists/noble/main/binary-amd64/Packages.gz
Ubuntu apt95%

john-data 1.9.0-2build1

active password cracking tool - character sets

http://www.openwall.com/john/

sudo apt install john-data
  • Section: admin
  • Architecture: all
  • Source Package: john
  • normalized package name match
  • Matched by: John
Ubuntu 24.04 LTS package indexes · archive.ubuntu.com · Ubuntu 24.04 LTS package indexes: john-data from https://archive.ubuntu.com/ubuntu/dists/noble/main/binary-amd64/Packages.gz
apk95%

john 1.9.0-r8

John the Ripper password cracker

https://www.openwall.com/john

sudo apk add john
  • License: GPL-2.0-or-later
  • Architecture: x86_64
  • Source Package: john
  • 1 dependencies
  • 1 provides
  • normalized package name match
  • Matched by: John
Alpine Linux edge package indexes · dl-cdn.alpinelinux.org · Alpine Linux edge package indexes: john from https://dl-cdn.alpinelinux.org/alpine/edge/community/x86_64/APKINDEX.tar.gz
apk95%

john-bash-completion 1.9.0-r8

Bash completions for john

https://www.openwall.com/john

sudo apk add john-bash-completion
  • License: GPL-2.0-or-later
  • Architecture: x86_64
  • Source Package: john
  • normalized package name match
  • Matched by: John
Alpine Linux edge package indexes · dl-cdn.alpinelinux.org · Alpine Linux edge package indexes: john-bash-completion from https://dl-cdn.alpinelinux.org/alpine/edge/community/x86_64/APKINDEX.tar.gz
apk95%

john-doc 1.9.0-r8

John the Ripper password cracker (documentation)

https://www.openwall.com/john

sudo apk add john-doc
  • License: GPL-2.0-or-later
  • Architecture: x86_64
  • Source Package: john
  • normalized package name match
  • Matched by: John
Alpine Linux edge package indexes · dl-cdn.alpinelinux.org · Alpine Linux edge package indexes: john-doc from https://dl-cdn.alpinelinux.org/alpine/edge/community/x86_64/APKINDEX.tar.gz
apk95%

john-zsh-completion 1.9.0-r8

Zsh completions for john

https://www.openwall.com/john

sudo apk add john-zsh-completion
  • License: GPL-2.0-or-later
  • Architecture: x86_64
  • Source Package: john
  • normalized package name match
  • Matched by: John
Alpine Linux edge package indexes · dl-cdn.alpinelinux.org · Alpine Linux edge package indexes: john-zsh-completion from https://dl-cdn.alpinelinux.org/alpine/edge/community/x86_64/APKINDEX.tar.gz
dnf95%

john 1.9.0-12.fc43

John the Ripper password cracker

https://www.openwall.com/john

sudo dnf install john
  • License: GPL-2.0-only
  • Category: Unspecified
  • Architecture: x86_64
  • Source Package: john
  • 6 dependencies
  • 2 provides
  • normalized package name match
  • Matched by: John
Fedora Rawhide package metadata · dl.fedoraproject.org · Fedora Rawhide package metadata: john from https://dl.fedoraproject.org/pub/fedora/linux/development/rawhide/Everything/x86_64/os/repodata/e5ca8ce900cd68f5419e1c39ae517343100b306336cbaeb70a3c153121d95094-primary.xml.zst
pacman95%

john 1.9.0.jumbo1-13

John the Ripper password cracker

https://www.openwall.com/john

sudo pacman -S john
  • License: GPL2 AND custom
  • Architecture: x86_64
  • 8 dependencies
  • 5 optional deps
  • normalized package name match
  • Matched by: John
Arch Linux sync databases · geo.mirror.pkgbuild.com · Arch Linux sync databases: john from https://geo.mirror.pkgbuild.com/extra/os/x86_64/extra.db.tar.gz
zypper95%

john 1.9.0-9.12

Utility to detect weak passwords

https://www.openwall.com/john/

sudo zypper install john
  • License: GPL-2.0-or-later
  • Category: Productivity/Security
  • Architecture: x86_64
  • Source Package: john
  • 14 dependencies
  • 2 provides
  • normalized package name match
  • Matched by: John
openSUSE Tumbleweed package metadata · download.opensuse.org · openSUSE Tumbleweed package metadata: john from https://download.opensuse.org/tumbleweed/repo/oss/repodata/be8d3611d25469107f32075a1697e69ec57a2b850b42348a658cc671ad5ec2b50760d02c3e59524d50da9a11d5be799bdaffba2e166e8ca8858512e3c0bd665d-primary.xml.zst
MacPorts95%

john

sudo port install john
  • normalized package name match
  • Matched by: John
MacPorts ports tree · api.github.com · MacPorts ports tree: sysutils/john/Portfile from https://api.github.com/repos/macports/macports-ports/git/trees/master?recursive=1
dnf92%

unique 1.1.6-37.fc44

Single instance support for applications

http://www.gnome.org/~ebassi/source/

sudo dnf install unique
  • License: LicenseRef-Callaway-LGPLv2+
  • Category: Unspecified
  • Architecture: i686
  • Source Package: unique
  • 19 dependencies
  • 2 provides
  • installed executable or alias match
  • Matched by: Unique
Fedora Rawhide package metadata · dl.fedoraproject.org · Fedora Rawhide package metadata: unique from https://dl.fedoraproject.org/pub/fedora/linux/development/rawhide/Everything/x86_64/os/repodata/e5ca8ce900cd68f5419e1c39ae517343100b306336cbaeb70a3c153121d95094-primary.xml.zst
dnf92%

unique-devel 1.1.6-37.fc44

Libraries and headers for Unique

http://www.gnome.org/~ebassi/source/

sudo dnf install unique-devel
  • License: LicenseRef-Callaway-LGPLv2+
  • Category: Unspecified
  • Architecture: i686
  • Source Package: unique
  • 6 dependencies
  • 2 provides
  • installed executable or alias match
  • Matched by: Unique
Fedora Rawhide package metadata · dl.fedoraproject.org · Fedora Rawhide package metadata: unique-devel from https://dl.fedoraproject.org/pub/fedora/linux/development/rawhide/Everything/x86_64/os/repodata/e5ca8ce900cd68f5419e1c39ae517343100b306336cbaeb70a3c153121d95094-primary.xml.zst

source trail

Generated from repository data

This page is generated by av-web from the private package SQLite artifact built by scripts/generate-pkg-sqlite.py.

Used sources

  • Geiger risk classifier
  • Nucleus package database
  • av.db category and tag curation
  • cross-ecosystem install command graph
  • curated package history
  • external package-manager database matches
  • package relationship graph
  • package version freshness
  • package-page enrichment