Published: 05.05.2021 | Edited: 09.05.2021 | Tags: 100daystooffload

Cheatsheet: uuid

Today I've learned about the different versions of Universally Unique IDentifiers (UUID) and decided to compile a short cheatsheet for the uuid command supplied by the Open Source Software Project (OSSP). Note that there is also uuidgen command that is supported by the util-linux but I find the OSSP's version command parameters easier to remember.

  • Generate a version 1 UUID which is based on time and system's hardware address, if present. You probably do not want to use this option for a security related tasks due to it's possible predictability:


  • Generate a version 4 UUID, which is based on random data. This is the most generic option without any security considerations or requirements. It's main property is randomness:

uuid -v4

  • Generate a version 5 UUID, which is based on the supplied object name with a specified namespace prefix while using a SHA1 hash function. It's main property is reproducibility:

uuid -v5 ns:DNS|URL|OID|X500 object_name

This is the option that took me the most time to understand. The topic is quite broad and would require another post. For now, version 5 UUID is used primarily as a Uniform Resource Name (URN). URNs are meant to be persistent identifiers, meaning they are available long after the resource they identify is no longer available.

Other uses

  • Generate multiple version 4 UUID identifiers at once:

uuid -v4 -n count

  • Generate a version 4 UUID and specify the output format, useful when requiring a binary or Single Integer Value (SIV) representation is required, as opposed to default well known string representation:

uuid -v4 -F BIN|STR|SIV

  • Generate a UUIDv4 and write the output to a file:

uuid -v4 -o path/to/file

  • Decode a given UUID:

uuid -d uuid

Although it is by design not possible to trace to the source of the information just by looking at the UUID directly, decoding can be useful when debugging the application and not many command-line tools provide this functionality, so it is worth keeping this in mind.

What about version 2 and version 3?

Version 2 UUID is reserved for internal use only and not readily available.

Version 3 is still supported and readily available, but not covered here. It has the same properties as version 5 but it is using a MD5 hash, which is already considered to be cryptographically broken. Version 3 is thus not recommend to use in new designs.


This is a 56th post of #100daystooffload.