passwd(1)  —  USER COMMANDS

NAME

passwd − change login password and password attributes

SYNOPSIS

passwd [ login_name ]

passwd [ −l | −d ] [ −f ] [ −n min ] [ −x max ] [ −w warn ] login_name

passwd −s [ −a ]

passwd −s [ login_name ]

DESCRIPTION

The passwd command changes the password or lists password attributes associated with the user’s login_name.  Additionally, privileged-users may use passwd to install or change passwords and attributes associated with any login_name. 

If login_name is not specified, passwd uses getlogin() to obtain the user’s login_name from /etc/utmp.  If the user has obtained a shell on the system in a way that does not create a login_name entry in /etc/utmp, passwd will return a usage error when invoked without login_name specified. 

If the user has used su(1M) to change to a new name, passwd will return Permission denied when invoked without login_name specified, because the /etc/utmp entry still names the original login. 

When used to change a password, passwd prompts ordinary users for their old password, if any.  It then prompts for the new password twice.  When the old password is entered, passwd checks to see if it has “aged” sufficiently.  If aging is insufficient, passwd terminates [see shadow(4)]. 

Assuming aging is sufficient, a check is made to ensure that the new password meets the construction requirements below.  When the new password is entered a second time, the two copies of the new password are compared.  If the two copies are not identical, the cycle of prompting for the new password is repeated at most two more times. 

Passwords must be constructed to meet the following requirements:

Each password must have at least six characters.  Only the first eight characters are significant, because crypt(3C) ignores anything beyond the eighth character; two passwords that differ only after that point produce the same encrypted password.  The minimum length is the PASSLENGTH variable in /etc/default/passwd, which is set to 6. 

Each password must contain at least two alphabetic characters and at least one numeric or special character.  In this case, “alphabetic” refers to all upper or lower case letters. 

Each password must differ from the user’s login_name and any reverse or circular shift of that login_name. For comparison purposes, an upper case letter and its corresponding lower case letter are equivalent.

New passwords must differ from the old by at least three characters.  For comparison purposes, an upper case letter and its corresponding lower case letter are equivalent. 
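The four construction rules above, implemented as a checker.  This is an added example, not code from the passwd(1) source: the function names are invented, and the way the "differ by at least three characters" rule is counted (position by position over the first eight, case-folded characters, with any difference in length counted as well) is an assumption about the original implementation, not something the page states.

```python
"""Checker for the passwd(1) password construction rules (added example)."""
from __future__ import annotations

PASSLENGTH = 6     # /etc/default/passwd PASSLENGTH, set to 6 on this system
SIGNIFICANT = 8    # crypt(3C) uses only the first eight characters
MIN_DIFF = 3       # new password must differ from the old by at least this many characters


def _significant(password: str) -> str:
    """Case-fold and keep only the characters crypt(3C) will actually see."""
    return password[:SIGNIFICANT].lower()


def _login_variants(login: str) -> set[str]:
    """login_name, every circular shift of it, and its reverse, all case-folded."""
    name = login.lower()
    shifts = {name[i:] + name[:i] for i in range(len(name))}
    return shifts | {name[::-1]}


def _char_difference(old: str, new: str) -> int:
    """Assumption: positions that differ in the significant part, plus any length difference."""
    o, n = _significant(old), _significant(new)
    differing = sum(1 for a, b in zip(o, n) if a != b)
    return differing + abs(len(o) - len(n))


def check_password(new: str, login: str, old: str = "") -> list[str]:
    """Return the list of rules the candidate password violates (empty means acceptable).

    `old` is empty when the account currently has no password, in which case the
    "differ from the old password" rule does not apply.
    """
    problems: list[str] = []

    # Rule 1: minimum length.
    if len(new) < PASSLENGTH:
        problems.append("too_short")

    # Rule 2: at least two alphabetic and at least one numeric or special character.
    alpha = sum(1 for c in new if c.isalpha())
    other = len(new) - alpha
    if alpha < 2 or other < 1:
        problems.append("needs_two_alpha_and_one_other")

    # Rule 3: must not equal the login name, its reverse, or any circular shift of it.
    if new.lower() in _login_variants(login):
        problems.append("matches_login_name")

    # Rule 4: must differ from the old password by at least three characters.
    if old and _char_difference(old, new) < MIN_DIFF:
        problems.append("too_similar_to_old")

    return problems


if __name__ == "__main__":
    for candidate in ("abc123", "ab1", "abcdef", "ICIAAL", "aicila", "abc124"):
        print(f"{candidate:10} {check_password(candidate, 'alicia', old='abc123') or 'ok'}")
```

Note that "ICIAAL" is rejected for the login name alicia even though no character matches case: a circular shift of the login name is compared case-insensitively, exactly as the rule states.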

Super-users (that is, real and effective UID equal to zero) [see id(1M) and su(1M)] may change any password; hence, passwd does not prompt privileged-users for the old password.  Privileged-users are not forced to comply with password aging and password construction requirements.  A privileged-user can create a null password by entering a carriage return in response to the prompt for a new password.  (This differs from passwd −d in that the “password” prompt is still displayed; the resulting entry is the same.) 

passwd(1) now supports changing NIS passwords; however, the following limitations apply:

If there is an entry for a user in the passwd file, then passwd(1) always attempts to change the entry for that user in the shadow file. 

If there are no entries for the user in the passwd file, passwd(1) will run yppasswd to change the NIS password only.  When passwd(1) starts yppasswd, it prints a message to indicate that the NIS password will change. 

This change allows a user with an NIS-served account and an aged password or no password, to change their password and log in. Without this change, the user would be unable to do so. 

Any user may use the −s option to show password attributes for his or her own login_name. 

The format of the display will be:

login_name status mm/dd/yy min max warn

or, if password aging information is not present,

login_name status

where

login_name The login ID of the user. 

status The password status of login_name: PS stands for passworded or locked, LK stands for locked, and NP stands for no password. 

mm/dd/yy The date password was last changed for login_name.  (Note that all password aging dates are determined using Greenwich Mean Time and, therefore, may differ by as much as a day in other time zones.) 

min The minimum number of days required between password changes for login_name.  MINWEEKS is found in /etc/default/passwd and is set to NULL. 

max The maximum number of days the password is valid for login_name.  MAXWEEKS is found in /etc/default/passwd and is set to NULL. 

warn The number of days relative to max before the password expires that the login_name will be warned.  WARNWEEKS is found in /etc/default/passwd and is the number of weeks before password expiration when the user should start being warned. 

Only a privileged-user can use the following options:

−l Locks password entry for login_name. 

−d Deletes password for login_name.  The login_name will not be prompted for password. 

−n Set minimum field for login_name.  The min field contains the minimum number of days between password changes for login_name.  If min is greater than max, the user may not change the password.  Always use this option with the −x option, unless max is set to −1 (aging turned off).  In that case, min need not be set. 

−x Set maximum field for login_name.  The max field contains the number of days that the password is valid for login_name.  The aging for login_name will be turned off immediately if max is set to −1.  If it is set to 0, then the user is forced to change the password at the next login session and aging is turned off. 

−w Set warn field for login_name.  The warn field contains the number of days before the password expires that the user will be warned. 

−a Show password attributes for all entries.  Use only with −s option; login_name must not be provided. 

−f Force the user to change password at the next login by expiring the password for login_name. 

SECURITY

The file /etc/default/passwd contains the variable PASSGEN.  PASSGEN determines whether passwords are human generated (i.e., by the user) or machine generated.  If PASSGEN is not set to HUMAN, users will be given machine generated passwords.  A choice of three machine generated passwords will be presented, along with an option to quit passwd and leave the password unchanged. 

FILES

/etc/shadow, /etc/passwd, /etc/oshadow, /etc/default/passwd

DIAGNOSTICS

The passwd command exits with one of the following values:

0 SUCCESS. 

1 Permission denied. 

2 Invalid combination of options. 

3 Unexpected failure.  Password file unchanged. 

4 Unexpected failure.  Password file(s) missing. 

5 Password file(s) busy.  Try again later. 

6 Invalid argument to option. 

SEE ALSO

id(1M), login(1), passmgmt(1M), pwconv(1M), su(1M), useradd(1M), userdel(1M), usermod(1M), crypt(3C), passwd(4), shadow(4). 

WARNING

If root deletes a password for a user with the passwd -d command and password aging is in effect for that user, the user will not be allowed to add a new password until the NULL password has been aged.  This results in a user without a password (who therefore cannot log in).  It is recommended that the -f option be used whenever the -d (delete) option is used.  This will force a user to change the password at the next login. 
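An audit of passwd −s −a output that covers both the display formats described above (with and without aging information) and the WARNING case: a null password (NP) whose min field has not yet aged, which is what passwd −d without −f leaves behind.  This is an added example, not part of the original manual or of the passwd(1) source.  The sample lines are constructed, the login names and dates are invented, and the two-digit years are read with the POSIX %y rule (69–99 as 19xx, 00–68 as 20xx), which is an assumption about how a given system wrote them.

```python
"""Audit `passwd -s -a` output for accounts that need attention (added example)."""
from __future__ import annotations

from datetime import date, datetime, timedelta

# Constructed sample of `passwd -s -a` output; logins and dates are invented.
SAMPLE = """\
root     PS   03/14/92   7   56   7
guest    NP
clerk    LK   11/30/91   7   56   7
oper     PS   12/01/91   0   28   7
temp     NP   03/18/92   7   56   7
"""

AS_OF = date(1992, 3, 20)   # the "today" used for the sample audit


def parse_status(text: str) -> list[dict]:
    """Parse both formats: `login status` and `login status mm/dd/yy min max warn`."""
    rows = []
    for line in text.splitlines():
        fields = line.split()
        if not fields:
            continue
        row = {"login": fields[0], "status": fields[1], "aging": None}
        if len(fields) == 6:
            row["aging"] = {
                # %y: 69-99 -> 19xx, 00-68 -> 20xx (assumption for this system's dates)
                "changed": datetime.strptime(fields[2], "%m/%d/%y").date(),
                "min": int(fields[3]),
                "max": int(fields[4]),
                "warn": int(fields[5]),
            }
        elif len(fields) != 2:
            raise ValueError(f"unexpected passwd -s line: {line!r}")
        rows.append(row)
    return rows


def audit(text: str, today: date) -> dict[str, list[str]]:
    """Return, per login, the conditions an administrator would act on.

    The dates passwd -s prints are computed in GMT, so any finding that sits
    exactly on a day boundary may be off by one day in the local time zone.
    """
    findings: dict[str, list[str]] = {}
    for row in parse_status(text):
        issues: list[str] = []
        status, aging = row["status"], row["aging"]
        if status == "NP":
            issues.append("no password")
        elif status == "LK":
            issues.append("locked")

        if aging is None:
            issues.append("no aging information")
        else:
            changed, lo, hi, warn = (aging[k] for k in ("changed", "min", "max", "warn"))
            if status == "NP" and lo > 0 and changed + timedelta(days=lo) > today:
                # The WARNING case: -d without -f left a null password that the
                # user cannot replace until `min` days have elapsed.
                until = changed + timedelta(days=lo)
                issues.append(f"cannot set a password until {until.isoformat()}")
            if hi < 0:
                issues.append("aging turned off")
            elif hi == 0:
                issues.append("must change password at next login")
            else:
                if lo > hi:
                    issues.append("min exceeds max; user cannot change password")
                expires = changed + timedelta(days=hi)
                if expires <= today:
                    issues.append("expired")
                elif expires - timedelta(days=warn) <= today:
                    issues.append(f"expires {expires.isoformat()}")
        findings[row["login"]] = issues
    return findings


def audit_sample() -> dict[str, list[str]]:
    """Run the audit over the constructed sample as of AS_OF."""
    return audit(SAMPLE, AS_OF)


if __name__ == "__main__":
    for login, issues in audit_sample().items():
        print(f"{login:8} {', '.join(issues) or 'ok'}")
```

In the sample, temp is the account the WARNING describes: its password was deleted on 03/18/92 with min set to 7, so until 03/25/92 the user can neither log in with a password nor set one.  Running passwd −f temp (or using −f together with −d in the first place) clears that state by expiring the null password.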

  —  Essential Utilities
