- NetBSD Manual Pages
PASSWD.CONF(5) NetBSD File Formats Manual PASSWD.CONF(5)
Powered by man-cgi (2021-06-01).
Maintained for NetBSD
by Kimmo Suominen.
Based on man-cgi by Panagiotis Christias.
passwd.conf -- password encryption configuration file
The /etc/passwd.conf file, consisting of ``stanzas'', describes the con-
figuration of the password cipher used to encrypt local or YP passwords.
There are default, user and group specific stanzas. If no user or group
stanza to a specific option is available, the default stanza is used.
To differentiate between user and group stanzas, groups are prefixed with
a single colon (`:').
Some fields and their possible values that can appear in this file are:
localcipher The cipher to use for local passwords. Possible values are:
``old'', ``newsalt,<rounds>'', ``md5'', ``sha1,<rounds>'',
and ``blowfish,<rounds>''. For ``newsalt'' the value of
rounds is a 24-bit integer with a minimum of 7250 rounds.
For ``sha1'' the value of rounds is a 32-bit integer, 0
means use the default of 24680. For ``blowfish'' the value
can be between 4 and 31. It specifies the base 2 logarithm
of the number of rounds.
ypcipher The cipher to use for YP passwords. The possible values are
the same as for localcipher.
To retrieve information from this file use pw_getconf(3).
Use MD5 as the local cipher and old-style DES as the YP cipher. Use
blowfish with 2^5 rounds for root:
localcipher = md5
ypcipher = old
localcipher = blowfish,5
passwd(1), pwhash(1), pw_getconf(3), passwd(5)
The passwd.conf configuration file first appeared in NetBSD 1.6.
NetBSD 5.0 September 4, 2005 NetBSD 5.0