passwd.conf(5) - NetBSD Manual Pages

Command: Section: Arch: Collection:  
PASSWD.CONF(5)            NetBSD File Formats Manual            PASSWD.CONF(5)


NAME
passwd.conf -- password encryption configuration file
SYNOPSIS
passwd.conf
DESCRIPTION
The /etc/passwd.conf file, consisting of ``stanzas'', describes the con- figuration of the password cipher used to encrypt local or YP passwords. There are default, user and group specific stanzas. If no user or group stanza to a specific option is available, the default stanza is used. To differentiate between user and group stanzas, groups are prefixed with a single colon (`:'). Some fields and their possible values that can appear in this file are: localcipher The cipher to use for local passwords. Possible values are: ``argon2d,<t=X,m=Y,p=Z>'', ``argon2i,<t=X,m=Y,p=Z>'', ``argon2id,<t=X,m=Y,p=Z>'', ``old'', ``newsalt,<rounds>'', ``md5'', ``sha1,<rounds>'', and ``blowfish,<rounds>''. For ``argon2d'', ``argon2i'', and ``argon2id'', optional hardness parameters can be specified as described in the manual for pwhash(1). For ``newsalt'' the value of rounds is a 24-bit integer with a minimum of 7250 rounds. For ``sha1'' the value of rounds is a 32-bit integer, 0 means use the default of 24680. For ``blowfish'' the value can be between 4 and 31. It specifies the base 2 logarithm of the number of rounds. If not specified, the default value is ``old''. ypcipher The cipher to use for YP passwords. The possible values are the same as for localcipher. If not specified, the default value is ``old''. To retrieve information from this file use pw_getconf(3).
FILES
/etc/passwd.conf
EXAMPLES
Use SHA1 as the local cipher and old-style DES as the YP cipher. Use blowfish with 2^5 rounds for root: default: localcipher = sha1 ypcipher = old root: localcipher = blowfish,5
SEE ALSO
passwd(1), pwhash(1), pw_getconf(3), passwd(5)
HISTORY
The passwd.conf configuration file first appeared in NetBSD 1.6. The default value of localcipher was set to ``sha1'' in /etc/passwd.conf starting from NetBSD 6.0. The default value of localcipher was set to ``argon2id'' in /etc/passwd.conf starting from NetBSD 10.0. NetBSD 10.99 October 26, 2021 NetBSD 10.99
Powered by man-cgi (2024-03-20). Maintained for NetBSD by Kimmo Suominen. Based on man-cgi by Panagiotis Christias.