# Install john with Homebrew, apk, apt, dnf, MacPorts, Nix, pacman, zypper

Featureful UNIX password cracker. Version 1.9.0 via Homebrew; verified 2026-06-19.

## Install

```sh
sudo av install brew:john
```

Additional install commands:

### macOS

- Homebrew (100%):

```sh
brew install john
```

  Evidence: local Homebrew formula metadata

- MacPorts (94%):

```sh
sudo port install john
```

  Evidence: MacPorts ports tree: sysutils/john/Portfile from https://api.github.com/repos/macports/macports-ports/git/trees/master?recursive=1

### Linux

- apk (92%):

```sh
sudo apk add john
```

  Evidence: Alpine Linux edge package indexes: john from https://dl-cdn.alpinelinux.org/alpine/edge/community/x86_64/APKINDEX.tar.gz

- Debian apt (92%):

```sh
sudo apt install john
```

  Evidence: Debian stable package indexes: john from https://deb.debian.org/debian/dists/stable/main/binary-amd64/Packages.xz

- dnf (92%):

```sh
sudo dnf install john
```

  Evidence: Fedora Rawhide package metadata: john from https://dl.fedoraproject.org/pub/fedora/linux/development/rawhide/Everything/x86_64/os/repodata/e5ca8ce900cd68f5419e1c39ae517343100b306336cbaeb70a3c153121d95094-primary.xml.zst

- Nix (92%):

```sh
nix profile install nixpkgs#john
```

  Evidence: nixpkgs package indexes: pkgs/by-name/jo/john/package.nix from https://api.github.com/repos/NixOS/nixpkgs/git/trees/master?recursive=1

- pacman (92%):

```sh
sudo pacman -S john
```

  Evidence: Arch Linux sync databases: john from https://geo.mirror.pkgbuild.com/extra/os/x86_64/extra.db.tar.gz

- zypper (92%):

```sh
sudo zypper install john
```

  Evidence: openSUSE Tumbleweed package metadata: john from https://download.opensuse.org/tumbleweed/repo/oss/repodata/be8d3611d25469107f32075a1697e69ec57a2b850b42348a658cc671ad5ec2b50760d02c3e59524d50da9a11d5be799bdaffba2e166e8ca8858512e3c0bd665d-primary.xml.zst

## Package facts

- **Package key:** brew:john
- **Package manager:** Homebrew
- **Package manager page:** <https://formulae.brew.sh/formula/john>
- **Version:** 1.9.0
- **Source summary:** Featureful UNIX password cracker
- **Homepage:** <https://www.openwall.com/john/>
- **Repository:** <https://github.com/openwall/john>
- **Upstream docs:** <https://github.com/openwall/john>
- **License:** GPL-2.0-or-later
- **Source archive:** <https://www.openwall.com/john/k/john-1.9.0.tar.xz>
- **Last updated:** 2026-06-19T12:31:21-07:00
- **Generated:** 2026-07-08T07:18:31+00:00

## Executables

- john (cli)
- unafs (cli)
- unique (cli)
- unshadow (cli)
- john (alias)
- unafs (alias)
- unique (alias)
- unshadow (alias)

## Uses from macOS

- libxcrypt

## Install behavior

- Post-install hook: not defined
- Bottle: available on arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, arm64_ventura, sonoma, ventura, x86_64_linux

## Freshness

- Page generated: 2026-07-08
- Package-manager version: 1.9.0
- Package-manager updated: 2026-06-19
- Local data: ok
- Upstream repository: https://www.openwall.com/john/
- info: Release/tag comparison is only available for GitHub repositories.
## Project history and usage

John the Ripper is a classic open-source password security auditing and recovery tool. Its core identity is a fast Unix password cracker, but the Openwall documentation also presents it as a cross-platform tool for many Unix-like systems, macOS, Windows, DOS, BeOS, and OpenVMS.

### Project history

According to Solar Designer on the Openwall john-users list, John the Ripper 1.0 was released in 1996 as a DOS replacement for Cracker Jack, built with DJGPP and optimized for 486 and Pentium systems. The same account says the incremental-mode prototypes date to 1995, the project became open source in 1997, and the 1.5 rewrite in 1998 formed the basis of later releases.

Openwall's project page separates core John from Jumbo: the core release is the smaller, more conservative line, while Jumbo carries broader community functionality. The openwall/john GitHub repository was created in 2011 and serves the development source referenced from the official homepage.

### Adoption history

John became part of Unix security practice because it automated weak-password detection against common crypt(3) hashes and later gained support for Kerberos/AFS, Windows LM, DES tripcodes, and many additional formats. Openwall notes that John is included in Owl, Debian, Fedora, Gentoo, Mandriva, SUSE, and BSD ports or packages.

Homebrew keeps a separate john formula for the core package, conflicting with john-jumbo so users choose between the conservative package and the enhanced branch.

### How it is used

The core workflow is to feed John password hashes, let it identify or be told a format, crack with wordlist, single, or incremental modes, and save cracked values to john.pot. Related tools such as unshadow and unique support the Unix password-auditing workflow around the main john executable.

### Why package nerds care

John is one of the packages that makes Unix security tooling feel like a package-manager canon item: tiny command name, long history, distro ubiquity, and a split between core stability and Jumbo reach. For maintainers, it is also a reminder that packaging security tools means preserving documentation, wordlists, CPU optimizations, and legal/licensing details alongside the executable.

### Timeline

- 1995: Incremental-mode prototypes were written on Unix-like systems.
- 1996: John the Ripper 1.0 was released for DOS.
- 1997: John the Ripper became open source.
- 1998: Version 1.5 rewrote the codebase used by later versions.
- 2002: The code was imported into CVS for further maintenance as part of Owl.
- 2011: The openwall/john GitHub repository was created.
- 2019: Openwall released John the Ripper 1.9.0 core.

### Related projects

- Related projects include John the Ripper Jumbo, John the Ripper Pro, Openwall wordlists, yescrypt, crypt_blowfish, passwdqc, Hash Suite, Hash Suite Droid, and Johnny, the Openwall GUI frontend.

### Sources

- <https://api.github.com/repos/openwall/john>
- <https://formulae.brew.sh/formula/john>
- <https://github.com/openwall/john>
- <https://www.openwall.com/john/>
- <https://www.openwall.com/john/doc/>
- <https://www.openwall.com/lists/john-users/2015/09/10/4>


## Security Notes

credential attack tooling.

- **Geiger risk:** red / high
- credential attack tooling

## Source Database Details

- **Source Database:** Homebrew formula API
- **Tap:** homebrew/core
- **Full Name:** john
- **Version Scheme:** 0
- **Revision:** 1
- **Conflicts With:** john-jumbo
- **Bottle Stable Root URL:** <https://ghcr.io/v2/homebrew/core>
- **Deprecated:** no
- **Disabled:** no
- **Keg Only:** no
- **URL Keys:** stable

## Other Package-Manager Records

- Debian apt - john - 1.9.0-2: normalized package name match | Debian stable package indexes: john from https://deb.debian.org/debian/dists/stable/main/binary-amd64/Packages.xz | active password cracking tool | http://www.openwall.com/john/
- Debian apt - john-data - 1.9.0-2: normalized package name match | Debian stable package indexes: john-data from https://deb.debian.org/debian/dists/stable/main/binary-amd64/Packages.xz | active password cracking tool - character sets | http://www.openwall.com/john/
- Nix - john: normalized package name match | nixpkgs package indexes: pkgs/by-name/jo/john/package.nix from https://api.github.com/repos/NixOS/nixpkgs/git/trees/master?recursive=1
- Ubuntu apt - john - 1.9.0-2build1: normalized package name match | Ubuntu 24.04 LTS package indexes: john from https://archive.ubuntu.com/ubuntu/dists/noble/main/binary-amd64/Packages.gz | active password cracking tool | http://www.openwall.com/john/
- Ubuntu apt - john-data - 1.9.0-2build1: normalized package name match | Ubuntu 24.04 LTS package indexes: john-data from https://archive.ubuntu.com/ubuntu/dists/noble/main/binary-amd64/Packages.gz | active password cracking tool - character sets | http://www.openwall.com/john/
- apk - john - 1.9.0-r8: normalized package name match | Alpine Linux edge package indexes: john from https://dl-cdn.alpinelinux.org/alpine/edge/community/x86_64/APKINDEX.tar.gz | John the Ripper password cracker | https://www.openwall.com/john
- apk - john-bash-completion - 1.9.0-r8: normalized package name match | Alpine Linux edge package indexes: john-bash-completion from https://dl-cdn.alpinelinux.org/alpine/edge/community/x86_64/APKINDEX.tar.gz | Bash completions for john | https://www.openwall.com/john
- apk - john-doc - 1.9.0-r8: normalized package name match | Alpine Linux edge package indexes: john-doc from https://dl-cdn.alpinelinux.org/alpine/edge/community/x86_64/APKINDEX.tar.gz | John the Ripper password cracker (documentation) | https://www.openwall.com/john
- apk - john-zsh-completion - 1.9.0-r8: normalized package name match | Alpine Linux edge package indexes: john-zsh-completion from https://dl-cdn.alpinelinux.org/alpine/edge/community/x86_64/APKINDEX.tar.gz | Zsh completions for john | https://www.openwall.com/john
- dnf - john - 1.9.0-12.fc43: normalized package name match | Fedora Rawhide package metadata: john from https://dl.fedoraproject.org/pub/fedora/linux/development/rawhide/Everything/x86_64/os/repodata/e5ca8ce900cd68f5419e1c39ae517343100b306336cbaeb70a3c153121d95094-primary.xml.zst | John the Ripper password cracker | https://www.openwall.com/john
- pacman - john - 1.9.0.jumbo1-13: normalized package name match | Arch Linux sync databases: john from https://geo.mirror.pkgbuild.com/extra/os/x86_64/extra.db.tar.gz | John the Ripper password cracker | https://www.openwall.com/john
- zypper - john - 1.9.0-9.12: normalized package name match | openSUSE Tumbleweed package metadata: john from https://download.opensuse.org/tumbleweed/repo/oss/repodata/be8d3611d25469107f32075a1697e69ec57a2b850b42348a658cc671ad5ec2b50760d02c3e59524d50da9a11d5be799bdaffba2e166e8ca8858512e3c0bd665d-primary.xml.zst | Utility to detect weak passwords | https://www.openwall.com/john/
- MacPorts - john: normalized package name match | MacPorts ports tree: sysutils/john/Portfile from https://api.github.com/repos/macports/macports-ports/git/trees/master?recursive=1
- dnf - unique - 1.1.6-37.fc44: installed executable or alias match | Fedora Rawhide package metadata: unique from https://dl.fedoraproject.org/pub/fedora/linux/development/rawhide/Everything/x86_64/os/repodata/e5ca8ce900cd68f5419e1c39ae517343100b306336cbaeb70a3c153121d95094-primary.xml.zst | Single instance support for applications | http://www.gnome.org/~ebassi/source/
- dnf - unique-devel - 1.1.6-37.fc44: installed executable or alias match | Fedora Rawhide package metadata: unique-devel from https://dl.fedoraproject.org/pub/fedora/linux/development/rawhide/Everything/x86_64/os/repodata/e5ca8ce900cd68f5419e1c39ae517343100b306336cbaeb70a3c153121d95094-primary.xml.zst | Libraries and headers for Unique | http://www.gnome.org/~ebassi/source/


## Related links

- [Secret-risk packages](https://www.automicvault.com/pkg/secret-risk-packages/) - Has protected-tool coverage, approval-gate, or non-low Geiger security signals.
- [Terminal utility packages](https://www.automicvault.com/pkg/terminal-utilities/) - Matched terminal and command-line workflow metadata.
- [Networking and protocol packages](https://www.automicvault.com/pkg/networking-protocol-tools/) - Matched network, protocol, or remote-service metadata.
- [Security and crypto packages](https://www.automicvault.com/pkg/security-crypto-tools/) - Matched security, identity, cryptography, password, signing, or certificate metadata.
- [hydra](https://www.automicvault.com/pkg/brew/hydra/) - Shares av.db curated category or tags: cli, password-auditing, security.
- [ncrack](https://www.automicvault.com/pkg/brew/ncrack/) - Shares av.db curated category or tags: cli, password-auditing, security.
- [chkrootkit](https://www.automicvault.com/pkg/brew/chkrootkit/) - Shares av.db curated category or tags: cli, security, unix.
- [duo_unix](https://www.automicvault.com/pkg/brew/duo-unix/) - Shares av.db curated category or tags: cli, security, unix.
- [jailkit](https://www.automicvault.com/pkg/brew/jailkit/) - Shares av.db curated category or tags: cli, security, unix.
- [pwgen](https://www.automicvault.com/pkg/brew/pwgen/) - Shares av.db curated category or tags: cli, security, unix.
- [sshtrix](https://www.automicvault.com/pkg/brew/sshtrix/) - Shares av.db curated category or tags: cli, password-auditing, security.
- [aide](https://www.automicvault.com/pkg/brew/aide/) - Shares av.db curated category or tags: cli, security.
- [passwdqc](https://www.automicvault.com/pkg/brew/passwdqc/) - Security-sensitive metadata or terminology overlaps. Shared terms: cli, password, security.

## Combined YAML source

View the package source record on GitHub. [combined/john.yml](https://github.com/automic-vault/db/blob/main/combined/john.yml)


## Sources

- Nucleus package database
- Geiger risk classifier
- package-page enrichment
- curated package history
- package version freshness
- av.db category and tag curation
- package relationship graph
- external package-manager database matches
- cross-ecosystem install command graph
