diff options
Diffstat (limited to 'static/netbsd/man5/passwd.conf.5')
| -rw-r--r-- | static/netbsd/man5/passwd.conf.5 | 147 |
1 files changed, 147 insertions, 0 deletions
diff --git a/static/netbsd/man5/passwd.conf.5 b/static/netbsd/man5/passwd.conf.5 new file mode 100644 index 00000000..5365a723 --- /dev/null +++ b/static/netbsd/man5/passwd.conf.5 @@ -0,0 +1,147 @@ +.\" $NetBSD: passwd.conf.5,v 1.14 2025/12/31 13:02:21 nia Exp $ +.\" +.\" Copyright 1997 Niels Provos <provos@physnet.uni-hamburg.de> +.\" All rights reserved. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" 3. The name of the author may not be used to endorse or promote products +.\" derived from this software without specific prior written permission. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR +.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES +.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. +.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, +.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT +.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF +.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +.\" +.Dd October 26, 2021 +.Dt PASSWD.CONF 5 +.Os +.Sh NAME +.Nm passwd.conf +.Nd password encryption configuration file +.Sh SYNOPSIS +.Nm +.Sh DESCRIPTION +The +.Pa /etc/passwd.conf +file, consisting of +.Dq stanzas , +describes the configuration of the password cipher used +to encrypt local or YP passwords. +.Pp +There are default, user and group specific stanzas. +If no user or group +stanza to a specific option is available, the default stanza +is used. +.Pp +To differentiate between user and group stanzas, groups are prefixed +with a single colon +.Pq Sq \&: . +.Pp +Some fields and their possible values that can appear in this file are: +.Bl -tag -width localcipher +.It Sy localcipher +The cipher to use for local passwords. +.Pp +Possible values are: +.Dq argon2d,<t=X,m=Y,p=Z> , +.Dq argon2i,<t=X,m=Y,p=Z> , +.Dq argon2id,<t=X,m=Y,p=Z> , +.Dq old , +.Dq newsalt,<rounds> , +.Dq md5 , +.Dq sha1,<rounds> , +and +.Dq blowfish,<rounds> . +.Pp +For +.Dq argon2d , +.Dq argon2i , +and +.Dq argon2id , +optional hardness parameters can be specified as described in the +manual for +.Xr pwhash 1 . +.Pp +For +.Dq newsalt +the value of rounds is a 24-bit integer with a minimum of 7250 rounds. +.Pp +For +.Dq sha1 +the value of rounds is a 32-bit integer, 0 means use the default +of 24680. +.Pp +For +.Dq blowfish +the value can be between 4 and 31. +It specifies the base 2 logarithm of the number of rounds. +.Pp +If not specified, the default value is +.Dq old . +.It Sy ypcipher +The cipher to use for YP passwords. +.Pp +The possible values are the same as for localcipher. +.Pp +If not specified, the default value is +.Dq old . +.El +.Pp +To retrieve information from this file use +.Xr pw_getconf 3 . +.Sh FILES +.Bl -tag -width /etc/passwd.conf -compact +.It Pa /etc/passwd.conf +.El +.Sh EXAMPLES +Use SHA1 as the local cipher and old-style DES as the YP cipher. +Use blowfish with 2^5 rounds for root: +.Bd -literal + default: + localcipher = sha1 + ypcipher = old + + root: + localcipher = blowfish,5 +.Ed +.Sh SEE ALSO +.Xr passwd 1 , +.Xr pwhash 1 , +.Xr pw_getconf 3 , +.Xr passwd 5 +.Sh HISTORY +The +.Nm +configuration file first appeared in +.Nx 1.6 . +.Pp +The default value of +.Sy localcipher +was set to +.Dq sha1 +in +.Pa /etc/passwd.conf +starting from +.Nx 6.0 . +.Pp +The default value of +.Sy localcipher +was set to +.Dq argon2id +in +.Pa /etc/passwd.conf +starting from +.Nx 10.0 . |