diff options
Diffstat (limited to '')
-rw-r--r-- | man/man8/chgpasswd.8 | 26 |
1 files changed, 15 insertions, 11 deletions
diff --git a/man/man8/chgpasswd.8 b/man/man8/chgpasswd.8 index 67c1325..b65edaf 100644 --- a/man/man8/chgpasswd.8 +++ b/man/man8/chgpasswd.8 @@ -2,12 +2,12 @@ .\" Title: chgpasswd .\" Author: Thomas Kłoczko <kloczek@pld.org.pl> .\" Generator: DocBook XSL Stylesheets vsnapshot <http://docbook.sf.net/> -.\" Date: 11/08/2022 +.\" Date: 06/21/2024 .\" Manual: System Management Commands -.\" Source: shadow-utils 4.13 +.\" Source: shadow-utils 4.15.2 .\" Language: English .\" -.TH "CHGPASSWD" "8" "11/08/2022" "shadow\-utils 4\&.13" "System Management Commands" +.TH "CHGPASSWD" "8" "06/21/2024" "shadow\-utils 4\&.15\&.2" "System Management Commands" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- @@ -63,7 +63,12 @@ command are: .RS 4 Use the specified method to encrypt the passwords\&. .sp -The available methods are DES, MD5, NONE, and SHA256 or SHA512 if your libc support these methods\&. +The available methods are +\fIDES\fR, +\fIMD5\fR, \fISHA256\fR, \fISHA512\fR +and +\fINONE\fR +if your libc supports these methods\&. .RE .PP \fB\-e\fR, \fB\-\-encrypted\fR @@ -94,14 +99,13 @@ directory\&. Only absolute paths are supported\&. .RS 4 Use the specified number of rounds to encrypt the passwords\&. .sp -The value 0 means that the system will choose the default number of rounds for the crypt method (5000)\&. +You can only use this option with crypt method: +\fISHA256\fR \fISHA512\fR .sp -A minimal value of 1000 and a maximal value of 999,999,999 will be enforced\&. -.sp -You can only use this option with the SHA256 or SHA512 crypt method\&. -.sp -By default, the number of rounds is defined by the SHA_CRYPT_MIN_ROUNDS and SHA_CRYPT_MAX_ROUNDS variables in +By default, the number of rounds for SHA256 or SHA512 is defined by the SHA_CRYPT_MIN_ROUNDS and SHA_CRYPT_MAX_ROUNDS variables in /etc/login\&.defs\&. +.sp +A minimal value of 1000 and a maximal value of 999,999,999 will be enforced for SHA256 and SHA512\&. The default number of rounds is 5000\&. .RE .SH "CAVEATS" .PP @@ -170,7 +174,7 @@ is set to or \fISHA512\fR, this defines the number of SHA rounds used by the encryption algorithm by default (when the number of rounds is not specified on the command line)\&. .sp -With a lot of rounds, it is more difficult to brute forcing the password\&. But note also that more CPU resources will be needed to authenticate users\&. +With a lot of rounds, it is more difficult to brute force the password\&. But note also that more CPU resources will be needed to authenticate users\&. .sp If not specified, the libc will choose the default number of rounds (5000), which is orders of magnitude too low for modern hardware\&. .sp |