summaryrefslogtreecommitdiffstats
path: root/man/man8/chpasswd.8
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-06-26 16:18:37 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-06-26 16:18:37 +0000
commitb6b00dd55e035bfbe311a527b567962ffa77ee43 (patch)
treecafc4d13785448e5a78bd40a51697ee07f07ac12 /man/man8/chpasswd.8
parentAdding debian version 1:4.13+dfsg1-5. (diff)
downloadshadow-b6b00dd55e035bfbe311a527b567962ffa77ee43.tar.xz
shadow-b6b00dd55e035bfbe311a527b567962ffa77ee43.zip
Merging upstream version 1:4.15.2.
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'man/man8/chpasswd.8')
-rw-r--r--man/man8/chpasswd.836
1 files changed, 21 insertions, 15 deletions
diff --git a/man/man8/chpasswd.8 b/man/man8/chpasswd.8
index 67b4156..107f4ae 100644
--- a/man/man8/chpasswd.8
+++ b/man/man8/chpasswd.8
@@ -2,12 +2,12 @@
.\" Title: chpasswd
.\" Author: Julianne Frances Haugh
.\" Generator: DocBook XSL Stylesheets vsnapshot <http://docbook.sf.net/>
-.\" Date: 11/08/2022
+.\" Date: 06/21/2024
.\" Manual: System Management Commands
-.\" Source: shadow-utils 4.13
+.\" Source: shadow-utils 4.15.2
.\" Language: English
.\"
-.TH "CHPASSWD" "8" "11/08/2022" "shadow\-utils 4\&.13" "System Management Commands"
+.TH "CHPASSWD" "8" "06/21/2024" "shadow\-utils 4\&.15\&.2" "System Management Commands"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
@@ -68,7 +68,12 @@ command are:
.RS 4
Use the specified method to encrypt the passwords\&.
.sp
-The available methods are DES, MD5, NONE, and SHA256 or SHA512 if your libc support these methods\&.
+The available methods are
+\fIDES\fR,
+\fIMD5\fR, \fISHA256\fR, \fISHA512\fR
+and
+\fINONE\fR
+if your libc supports these methods\&.
.sp
By default (if none of the
\fB\-c\fR,
@@ -106,22 +111,23 @@ directory and use the configuration files from the
directory\&. Only absolute paths are supported\&.
.RE
.PP
+\fB\-P\fR, \fB\-\-prefix\fR\ \&\fIPREFIX_DIR\fR
+.RS 4
+Apply changes to configuration files under the root filesystem found under the directory
+\fIPREFIX_DIR\fR\&. This option does not chroot and is intended for preparing a cross\-compilation target\&. Some limitations: NIS and LDAP users/groups are not verified\&. PAM authentication is using the host files\&. No SELINUX support\&.
+.RE
+.PP
\fB\-s\fR, \fB\-\-sha\-rounds\fR\ \&\fIROUNDS\fR
.RS 4
Use the specified number of rounds to encrypt the passwords\&.
.sp
-The value 0 means that the system will choose the default number of rounds for the crypt method (5000)\&.
-.sp
-A minimal value of 1000 and a maximal value of 999,999,999 will be enforced\&.
+You can only use this option with crypt method:
+\fISHA256\fR \fISHA512\fR
.sp
-You can only use this option with the SHA256 or SHA512 crypt method\&.
-.sp
-By default, the number of rounds is defined by the
-\fBSHA_CRYPT_MIN_ROUNDS\fR
-and
-\fBSHA_CRYPT_MAX_ROUNDS\fR
-variables in
+By default, the number of rounds for SHA256 or SHA512 is defined by the SHA_CRYPT_MIN_ROUNDS and SHA_CRYPT_MAX_ROUNDS variables in
/etc/login\&.defs\&.
+.sp
+A minimal value of 1000 and a maximal value of 999,999,999 will be enforced for SHA256 and SHA512\&. The default number of rounds is 5000\&.
.RE
.SH "CAVEATS"
.PP
@@ -173,7 +179,7 @@ is set to
or
\fISHA512\fR, this defines the number of SHA rounds used by the encryption algorithm by default (when the number of rounds is not specified on the command line)\&.
.sp
-With a lot of rounds, it is more difficult to brute forcing the password\&. But note also that more CPU resources will be needed to authenticate users\&.
+With a lot of rounds, it is more difficult to brute force the password\&. But note also that more CPU resources will be needed to authenticate users\&.
.sp
If not specified, the libc will choose the default number of rounds (5000), which is orders of magnitude too low for modern hardware\&.
.sp