summaryrefslogtreecommitdiffstats
path: root/man/man8/chgpasswd.8
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--man/man8/chgpasswd.826
1 files changed, 15 insertions, 11 deletions
diff --git a/man/man8/chgpasswd.8 b/man/man8/chgpasswd.8
index 67c1325..b65edaf 100644
--- a/man/man8/chgpasswd.8
+++ b/man/man8/chgpasswd.8
@@ -2,12 +2,12 @@
.\" Title: chgpasswd
.\" Author: Thomas Kłoczko <kloczek@pld.org.pl>
.\" Generator: DocBook XSL Stylesheets vsnapshot <http://docbook.sf.net/>
-.\" Date: 11/08/2022
+.\" Date: 06/21/2024
.\" Manual: System Management Commands
-.\" Source: shadow-utils 4.13
+.\" Source: shadow-utils 4.15.2
.\" Language: English
.\"
-.TH "CHGPASSWD" "8" "11/08/2022" "shadow\-utils 4\&.13" "System Management Commands"
+.TH "CHGPASSWD" "8" "06/21/2024" "shadow\-utils 4\&.15\&.2" "System Management Commands"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
@@ -63,7 +63,12 @@ command are:
.RS 4
Use the specified method to encrypt the passwords\&.
.sp
-The available methods are DES, MD5, NONE, and SHA256 or SHA512 if your libc support these methods\&.
+The available methods are
+\fIDES\fR,
+\fIMD5\fR, \fISHA256\fR, \fISHA512\fR
+and
+\fINONE\fR
+if your libc supports these methods\&.
.RE
.PP
\fB\-e\fR, \fB\-\-encrypted\fR
@@ -94,14 +99,13 @@ directory\&. Only absolute paths are supported\&.
.RS 4
Use the specified number of rounds to encrypt the passwords\&.
.sp
-The value 0 means that the system will choose the default number of rounds for the crypt method (5000)\&.
+You can only use this option with crypt method:
+\fISHA256\fR \fISHA512\fR
.sp
-A minimal value of 1000 and a maximal value of 999,999,999 will be enforced\&.
-.sp
-You can only use this option with the SHA256 or SHA512 crypt method\&.
-.sp
-By default, the number of rounds is defined by the SHA_CRYPT_MIN_ROUNDS and SHA_CRYPT_MAX_ROUNDS variables in
+By default, the number of rounds for SHA256 or SHA512 is defined by the SHA_CRYPT_MIN_ROUNDS and SHA_CRYPT_MAX_ROUNDS variables in
/etc/login\&.defs\&.
+.sp
+A minimal value of 1000 and a maximal value of 999,999,999 will be enforced for SHA256 and SHA512\&. The default number of rounds is 5000\&.
.RE
.SH "CAVEATS"
.PP
@@ -170,7 +174,7 @@ is set to
or
\fISHA512\fR, this defines the number of SHA rounds used by the encryption algorithm by default (when the number of rounds is not specified on the command line)\&.
.sp
-With a lot of rounds, it is more difficult to brute forcing the password\&. But note also that more CPU resources will be needed to authenticate users\&.
+With a lot of rounds, it is more difficult to brute force the password\&. But note also that more CPU resources will be needed to authenticate users\&.
.sp
If not specified, the libc will choose the default number of rounds (5000), which is orders of magnitude too low for modern hardware\&.
.sp