1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
|
.\" Copyright 1992 Rickard E. Faith (faith@cs.unc.edu)
.\" May be distributed under the GNU General Public License
.TH PASSWD 1 "11 November 1996" "Util-linux 2.6" "Linux Programmer's Manual"
.SH NAME
passwd \- change password
.SH SYNOPSIS
.BR "passwd"
.RB [ " \-o " ]
.RB [ " \-q " ]
.RB [ " \-v " ]
.RI [ " name " [ " password " ]]
.br
.BR "passwd \-f "
.RI [ " arguments to chfn " ]
.br
.BR "passwd \-s "
.RI [ " arguments to chsh " ]
.SH DESCRIPTION
Without arguments
.B passwd
will change the password for the current user. First the user is asked for
the old password, then prompted twice for the new password in order to
catch typing errors.
The one and two argument forms may only be used by the superuser. Using the
one argument form, the superuser may change the password for that
.IR user .
The superuser is not asked for the users old password, but the rules
for proper passwords are also applied unless the
.B "\-o"
option is used. The superuser may have legitimate
reasons to choose a non-conformant password.
The two argument form gives the
.IR user " the " password
stated as the second argument. Note that this password will
be visible to people doing `ps' or so. Avoid this form.
Giving an empty string as the second argument erases the password for the
user, but only in combination with the
.B "\-o"
option.
Password changes may get logged using the
.BR syslog (3)
facility, depending on compile-time defines (on by default).
If so, every change will
be logged at a low level as auth.notice, except for changing the root
password with will be logged with auth.warning.
.SH OPTIONS
.TP
.B "\-f, \-\-fullname"
Change the user's full name (the GECOS field of the passwd entry).
Invokes /usr/bin/chfn with the non-option command line arguments.
.TP
.B "\-o, \-\-force"
Turn off simplicity checks on the new password. This option may only
be used by the super user. This is intend to allow simple initial
passwords given by the superuser.
.TP
.B "\-s, \-\-shell"
Change the user's shell by invoking /usr/bin/chsh with the non-option
command line arguments.
.TP
.B "\-q, \-\-quiet, \-\-silent"
In this mode passwd won't tell that the passwd get's changed.
.TP
.B "\-v, \-V, \-\-version"
Prints version information and exits.
.SH PASSWORD RULES
The new password must fulfill these rules:
.TP
o
be at least six characters long;
.TP
o
must not be equal to the old password;
.TP
o
must contain characters out of at least two of the following classes:
upper and lower case letters, digits and non alphanumeric characters;
.TP
o
must not match neither the username nor any word of the realname,
neither in normal nor in reverse order, neither at the beginning nor
at the end.
.SH BUGS
If you change your mind there is no escaping from this program.
It will insist on a new password until killed from another terminal.
(This is caused by a bug in getpass(3): it ignores signals.)
.SH FILES
.TP
.I /etc/passwd
The password file.
.SH "SEE ALSO"
.BR chsh (1),
.BR chfn (1),
.BR syslog (3),
.BR syslog.conf (5),
.BR passwd (8).
.SH AUTHOR
Peter Orbaek (poe@daimi.aau.dk).
.br
Martin Schulze (joey@infodrom.north.de) with extensive rewriting and
improving done.
|
