.\" $OpenBSD: passwd.conf.5,v 1.15 2002/05/27 21:12:54 itojun Exp $ .\" .\" Copyright 1997 Niels Provos .\" All rights reserved. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions .\" are met: .\" 1. Redistributions of source code must retain the above copyright .\" notice, this list of conditions and the following disclaimer. .\" 2. Redistributions in binary form must reproduce the above copyright .\" notice, this list of conditions and the following disclaimer in the .\" documentation and/or other materials provided with the distribution. .\" 3. All advertising materials mentioning features or use of this software .\" must display the following acknowledgement: .\" This product includes software developed by Niels Provos. .\" 4. The name of the author may not be used to endorse or promote products .\" derived from this software without specific prior written permission. .\" .\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR .\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES .\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. .\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, .\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT .\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, .\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY .\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" .Dd September 3, 2001 .Dt PASSWD.CONF 5 .Os .Sh NAME .Nm passwd.conf .Nd format of the password configuration file .Sh DESCRIPTION .Bf -symbolic This configuration file is made obsolete by .Xr login.conf 5 . Support for the .Nm file will be removed in a future release of .Ox . .Ef .Pp The .Pa /etc/passwd.conf file, consisting of .Dq stanzas , describes the configuration of the password cipher used to encrypt local or YP passwords. .Pp There are default, user and group specific stanzas. If no user or group stanza to a specific option is available, the default stanza is used. .Pp To differentiate between user and group stanzas, groups are prefixed with a colon .Pq Ql \&: . .Pp Some fields and their possible values that can appear in this file are: .Bl -tag -width localcipher .It Sy localcipher The cipher to use for local passwords. Possible values are: .Dq old , .Dq newsalt, , .Dq md5 , and .Dq blowfish, . For .Dq newsalt the value of rounds is a 24-bit integer with a minimum of 7250 rounds. For .Dq blowfish the value can be between 4 and 31. It specifies the base 2 logarithm of the number of rounds. .It Sy ypcipher The cipher to use for YP passwords. The possible values are the same as for localcipher. .It Sy pwdcheck An external program that checks the quality of the password. The password is passed to the program on .Pa stdin . An exit code of 0 indicates that the quality of the password is sufficient, an exit code of 1 signals that the password failed the check. .It Sy pwdtries The number of times .Xr passwd 1 enforces a check on the password. If it is 0, the new password will only be accepted if it passes the password quality check. The default is 3. .El .Pp To retrieve information from this file use .Xr pw_getconf 3 . .Sh EXAMPLES Use blowfish as the local cipher; add some more rounds for root and wheel members. The old Unix crypt is used as YP cipher: .Bd -literal default: localcipher = blowfish,4 ypcipher = old root: localcipher = blowfish,7 :wheel: localcipher = blowfish,5 .Ed .Sh FILES .Bl -tag -width /etc/passwd.conf -compact .It Pa /etc/passwd.conf .El .Sh SEE ALSO .Xr passwd 1 , .Xr pw_getconf 3 , .Xr passwd 5