MirBSD manpage: passwd.conf(5)

PASSWD.CONF(5)               BSD Reference Manual               PASSWD.CONF(5)


     passwd.conf - format of the password configuration file


     This configuration file is made obsolete by login.conf(5). Support for
     the passwd.conf file will be removed in a future release of OpenBSD.

     The /etc/passwd.conf file, consisting of "stanzas", describes the confi-
     guration of the password cipher used to encrypt local or YP passwords.

     There are default, user and group specific stanzas. If no user or group
     stanza to a specific option is available, the default stanza is used.

     To differentiate between user and group stanzas, groups are prefixed with
     a colon (':').

     Some fields and their possible values that can appear in this file are:

     localcipher  The cipher to use for local passwords. Possible values are:
                  "old", "newsalt,<rounds>", "md5", and "blowfish,<rounds>".
                  For "newsalt" the value of rounds is a 24-bit integer with a
                  minimum of 7250 rounds. For "blowfish" the value can be
                  between 4 and 31. It specifies the base 2 logarithm of the
                  number of rounds.

     ypcipher     The cipher to use for YP passwords. The possible values are
                  the same as for localcipher.

     pwdcheck     An external program that checks the quality of the password.
                  The password is passed to the program on stdin. An exit code
                  of 0 indicates that the quality of the password is suffi-
                  cient, an exit code of 1 signals that the password failed
                  the check.

     pwdtries     The number of times passwd(1) enforces a check on the pass-
                  word. If it is 0, the new password will only be accepted if
                  it passes the password quality check. The default is 3.

     To retrieve information from this file use pw_getconf(3).




     Use blowfish as the local cipher; add some more rounds for root and wheel
     members. The old Unix crypt is used as YP cipher:

           localcipher = blowfish,4
           ypcipher = old

           localcipher = blowfish,7

           localcipher = blowfish,5


     passwd(1), pw_getconf(3), passwd(5)


     The /etc/passwd.conf file appeared in OpenBSD 2.1 and was deprecated in
     OpenBSD 3.0.

MirBSD #10-current            September 3, 2001                              1

Generated on 2022-12-24 01:00:14 by $MirOS: src/scripts/roff2htm,v 1.113 2022/12/21 23:14:31 tg Exp $ — This product includes material provided by mirabilos.

These manual pages and other documentation are copyrighted by their respective writers; their sources are available at the project’s CVSweb, AnonCVS and other mirrors. The rest is Copyright © 2002–2022 MirBSD.

This manual page’s HTML representation is supposed to be valid XHTML/1.1; if not, please send a bug report — diffs preferred.

Kontakt / Impressum & Datenschutzerklärung