2011-03-30 13:49:47 +00:00
|
|
|
.TH PASSWD 1
|
|
|
|
.SH NAME
|
|
|
|
passwd, netkey \- change or verify user password
|
|
|
|
.SH SYNOPSIS
|
|
|
|
.B passwd
|
|
|
|
[
|
|
|
|
.IR username [@ domain ]
|
|
|
|
]
|
|
|
|
.PP
|
|
|
|
.B netkey
|
|
|
|
.SH DESCRIPTION
|
|
|
|
.I Passwd
|
|
|
|
changes the invoker's Plan 9 password and/or APOP secret.
|
|
|
|
The Plan 9 password is used to login to a terminal while
|
|
|
|
the APOP secret is used for a number of external services:
|
|
|
|
POP3, IMAP, and VPN access. The optional argument specifies
|
|
|
|
the user name and authentication domain to use if different
|
|
|
|
than the one associated with the machine
|
|
|
|
.I passwd
|
|
|
|
is run on.
|
|
|
|
.PP
|
|
|
|
The program first prompts for the old Plan 9 password in the specified
|
|
|
|
domain to establish
|
|
|
|
identity.
|
|
|
|
It then prompts for changes to the password and the
|
|
|
|
secret.
|
|
|
|
New passwords and secrets must be typed twice, to forestall mistakes.
|
|
|
|
New passwords must be sufficiently hard to guess.
|
|
|
|
They may be of any length greater than seven characters.
|
|
|
|
.PP
|
|
|
|
.I Netkey
|
|
|
|
prompts for a password to encrypt network challenges.
|
2015-05-03 21:37:54 +00:00
|
|
|
It is a substitute for a SecureNet box. It may only be run on a terminal.
|
2011-03-30 13:49:47 +00:00
|
|
|
.SH SOURCE
|
|
|
|
.B /sys/src/cmd/auth/passwd.c
|
|
|
|
.br
|
|
|
|
.B /sys/src/cmd/auth/netkey.c
|
|
|
|
.SH "SEE ALSO"
|
|
|
|
.I readnvram
|
|
|
|
in
|
|
|
|
.IR authsrv (2),
|
|
|
|
.IR encrypt (2),
|
|
|
|
.IR cons (3),
|
|
|
|
.IR auth (8),
|
|
|
|
.IR securenet (8)
|
|
|
|
.PP
|
|
|
|
Robert Morris and Ken Thompson,
|
|
|
|
``UNIX Password Security,''
|
|
|
|
.I AT&T Bell Laboratories Technical Journal
|
|
|
|
Vol 63 (1984), pp. 1649-1672
|
|
|
|
.SH BUGS
|
|
|
|
Now that
|
|
|
|
.I cpu
|
|
|
|
connections are always encrypted, the only good reason
|
|
|
|
to require that these commands be run only on terminals
|
|
|
|
is concern that the CPU server might be subverted.
|