passwd.conf(5) [netbsd man page]
PASSWD.CONF(5) BSD File Formats Manual PASSWD.CONF(5) NAME
passwd.conf -- password encryption configuration file SYNOPSIS
passwd.conf DESCRIPTION
The /etc/passwd.conf file, consisting of ``stanzas'', describes the configuration of the password cipher used to encrypt local or YP pass- words. There are default, user and group specific stanzas. If no user or group stanza to a specific option is available, the default stanza is used. To differentiate between user and group stanzas, groups are prefixed with a single colon (':'). Some fields and their possible values that can appear in this file are: localcipher The cipher to use for local passwords. Possible values are: ``old'', ``newsalt,<rounds>'', ``md5'', ``sha1,<rounds>'', and ``blowfish,<rounds>''. For ``newsalt'' the value of rounds is a 24-bit integer with a minimum of 7250 rounds. For ``sha1'' the value of rounds is a 32-bit integer, 0 means use the default of 24680. For ``blowfish'' the value can be between 4 and 31. It specifies the base 2 logarithm of the number of rounds. If not specified, the default value is ``old''. ypcipher The cipher to use for YP passwords. The possible values are the same as for localcipher. If not specified, the default value is ``old''. To retrieve information from this file use pw_getconf(3). FILES
/etc/passwd.conf EXAMPLES
Use SHA1 as the local cipher and old-style DES as the YP cipher. Use blowfish with 2^5 rounds for root: default: localcipher = sha1 ypcipher = old root: localcipher = blowfish,5 SEE ALSO
passwd(1), pwhash(1), pw_getconf(3), passwd(5) HISTORY
The passwd.conf configuration file first appeared in NetBSD 1.6. The default value of localcipher was set to ``sha1'' in /etc/passwd.conf starting from NetBSD 6.0. BSD
December 3, 2010 BSD
Check Out this Related Man Page
crypt_sunmd5(5) Standards, Environments, and Macros crypt_sunmd5(5) NAME
crypt_sunmd5 - password hashing module using MD5 message hash algorithm SYNOPSIS
/usr/lib/security/$ISA/crypt_sunmd5.so DESCRIPTION
The crypt_sunmd5 module is a one-way password hashing module for use with crypt(3C) that uses the MD5 message hash algorithm. The algorithm identifier for crypt.conf(4) and policy.conf(4) is md5. This module is designed to make it difficult to crack passwords that use brute force attacks based on high speed MD5 implementations that use code inlining, unrolled loops, and table lookup. The maximum password length for crypt_sunmd5 is 255 characters. The following options can be passed to the module by means of crypt.conf(4): rounds=<positive_number> Specifies the number of additional rounds of MD5 to use in generation of the salt; the default number of rounds is 4096. Negative val- ues have no effect and are ignored, that is, the number of rounds cannot be lowered below 4096. The number of additional rounds is stored in the salt string returned by crypt_gensalt(3C). For example: $md5,rounds=1000$nlxmTTpz$ When crypt_gensalt(3C) is being used to generate a new salt, if the number of additional rounds configured in crypt.conf(4) is greater than that in the old salt, the value from crypt.conf(4) is used instead. This allows for migration to stronger (but more time-consum- ing) salts on password change. ATTRIBUTES
See attributes(5) for descriptions of the following attributes: +-----------------------------+-----------------------------+ | ATTRIBUTE TYPE | ATTRIBUTE VALUE | +-----------------------------+-----------------------------+ |MT-Level |Safe | +-----------------------------+-----------------------------+ SEE ALSO
passwd(1), crypt(3C), crypt_genhash_impl(3C), crypt_gensalt(3C), crypt_gensalt_impl(3C), getpassphrase(3C), crypt.conf(4), passwd(4), pol- icy.conf(4), attributes(5) SunOS 5.10 23 Dec 2003 crypt_sunmd5(5)