To check the status of an account you can issue following on Linux:
From the man page of passwd:
About the rules with the 14-25 characters for password length I would not worry since the binaries and libraries dealing with that usually work as intended.
Also something from the man page of shadow that might help:
Hi,
I want to append password into /etc/shadow file using a shell script.
My below script does add the users to both /etc/passwd and /etc/shadow but how can I add the hordcoded passwords to /etc/shadow file can some one help me ?
# To add the groups into /etc/group file
for a_user... (5 Replies)
hi,
I had to reset a lost root password by editing the /etc/passwd and /etc/shadow files ( this is a xen vm file, so i mounted and chrooted the file )
after the reboot with an empty password on root , i have set a new password with passwd but
it only changed the /etc/passwd file.... (0 Replies)
Hi Solaris's expert
I need to change user password on Solaris10 2 servers.
With the same password I can change it just only one.
Try to check everything but not found difference??
password pattern: abcdeFgh9Jk
server1 check all characters but server2 check only first 8 characters.Why??... (10 Replies)
Hi,
I am running NIS server on redhat linux 5 and I want to implement password restrictions for the yppasswd, how can I do it.Please help me.
I can implement password restriction for passwd by configuring /etc/pam.d/system-auth and setting crack_lib.so but I don't know how to implent the same... (3 Replies)
hi folk,
i try to setup a new password policy for our solaris box user, below are the /etc/default/passwd/, but then when i tried to create a user, it didn't ask for numeric character, and the new password also didn't ask for special characters.
# useradd testing
# passwd testing
New... (7 Replies)
On SPARC Solaris 10. I set the app account so it's expired. I also want it
so not required to change password at first login, I can do this by
removing the numbers after the password in /etc/shadow.
example using user1
The /etc/shadow file looks like this:
user1:kOmcVXAImRTAY:0::::90::
... (8 Replies)
i have an application that uses the encrypted password that's in the /etc/shadow file.
i copied the line for the particular username i was interested it in from shadow file and i pasted it into the password file of the application. the application is nagios.
this application allowed that... (5 Replies)
Hello Team,
I am using Lubuntu & have DRBL remote boot setup with open Ldap authentication. Currently there is no password expire policy. I want to set Password Policy so that user's password will expire after a month & they will get prompt to change their password.
Using PAM we can do it,... (1 Reply)
I need help. I have set a password policy. But I want to dis allow setting user name as password.
My policy is as below...
min length =8
min diff=2
min alpha=2
max repeats=2
dictionary= /usr/share/dict/words
Still user can set his username as password (i.e. Jackie1234).
Code tags for... (11 Replies)
Discussion started by: powerAIX
11 Replies
LEARN ABOUT MINIX
pwdauth
PWDAUTH() PWDAUTH()
NAME
pwdauth - password authentication program
SYNOPSIS
/usr/lib/pwdauth
DESCRIPTION
Pwdauth is a program that is used by the crypt(3) function to do the hard work. It is a setuid root utility so that it is able to read the
shadow password file.
Pwdauth expects on standard input two null terminated strings, the password typed by the user, and the salt. That is, the two arguments of
the crypt function. The input read in a single read call must be 1024 characters or less including the nulls. Pwdauth takes one of two
actions depending on the salt.
If the salt has the form "##user" then the user is used to index the shadow password file to obtain the encrypted password. The input
password is encrypted with the one-way encryption function contained within pwdauth and compared to the encrypted password from the shadow
password file. If equal then pwdauth returns the string "##user" with exit code 0, otherwise exit code 2 to signal failure. The string
"##user" is also returned if both the shadow password and the input password are null strings to allow a password-less login.
If the salt is not of the form "##user" then the password is encrypted and the result of the encryption is returned. If salt and password
are null strings then a null string is returned.
The return value is written to standard output as a null terminated string of 1024 characters or less including the null.
The exit code is 1 on any error.
SEE ALSO crypt(3), passwd(5).
NOTES
A password must be checked like in this example:
pw_ok = (strcmp(crypt(key, pw->pw_passwd), pw->pw_passwd) == 0);
The second argument of crypt must be the entire encrypted password and not just the two character salt.
AUTHOR
Kees J. Bot (kjb@cs.vu.nl)
PWDAUTH()