minix man page for pwdauth

PWDAUTH()																 PWDAUTH()

NAME
       pwdauth - password authentication program

SYNOPSIS
       /usr/lib/pwdauth

DESCRIPTION
       Pwdauth is a program that is used by the crypt(3) function to do the hard work.	It is a setuid root utility so that it is able to read the
       shadow password file.

       Pwdauth expects on standard input two null terminated strings, the password typed by the user, and the salt.  That is, the two arguments of
       the  crypt  function.   The input read in a single read call must be 1024 characters or less including the nulls.  Pwdauth takes one of two
       actions depending on the salt.

       If the salt has the form "##user" then the user is used to index the shadow password file to obtain  the  encrypted  password.	The  input
       password  is encrypted with the one-way encryption function contained within pwdauth and compared to the encrypted password from the shadow
       password file.  If equal then pwdauth returns the string "##user" with exit code 0, otherwise exit code 2 to signal  failure.   The  string
       "##user" is also returned if both the shadow password and the input password are null strings to allow a password-less login.

       If  the salt is not of the form "##user" then the password is encrypted and the result of the encryption is returned.  If salt and password
       are null strings then a null string is returned.

       The return value is written to standard output as a null terminated string of 1024 characters or less including the null.

       The exit code is 1 on any error.

SEE ALSO
       crypt(3), passwd(5).

NOTES
       A password must be checked like in this example:

	      pw_ok = (strcmp(crypt(key, pw->pw_passwd), pw->pw_passwd) == 0);

       The second argument of crypt must be the entire encrypted password and not just the two character salt.

AUTHOR
       Kees J. Bot (kjb@cs.vu.nl)

																	 PWDAUTH()