chsh man page on DigitalUNIX

Man page or keyword search:  
man Server   12896 pages
apropos Keyword Search (all sections)
Output format
DigitalUNIX logo
[printable version]

passwd(1)							     passwd(1)

NAME
       passwd, chfn, chsh - Changes password file information

SYNOPSIS
       passwd [-f  | -s] [username]

       passwd  -q  [username]

       passwd  -q  -a

       chfn [username]

       chsh [username]

OPTIONS
       Displays	 the password attributes of all users. This option may only be
       used with the -q option and you must be root.  Invokes the chfn command
       when given with the passwd command.  Displays the password status of PS
       if the user has a password, LK if the user has an administrative	 lock,
       or  NP if the user has no password.  Users other than root may only use
       the -q option on themselves. If a username is not specified, the	 pass‐
       word  status  of	 the  current username is displayed.  Invokes the chsh
       command when given with the passwd command.  Prompts the user to change
       their general user information, such as full name, office phone, office
       number, and home phone number. Phone numbers can	 be  entered  with  or
       without dashes.	Included in each prompt is a default value enclosed in
       [ ] (brackets). Press the Enter key to  accept  the  default  value  or
       enter a new value or the word none to leave a field blank and press the
       Enter key.

	      To display general information for  a  user,  enter  the	finger
	      username command.

	      A	 superuser  can	 change	 any user's general information; other
	      users can only change their own. Superusers  can	also  run  the
	      account management interfaces, dxaccounts, and usermod to modify
	      passwords.  Prompts the user to change the login shell. The  new
	      login  shell  must  be  one of the approved shells listed in the
	      /etc/shells file unless you have superuser privileges.   If  the
	      /etc/shells  file	 does  not  exist, the only shells that can be
	      specified are /usr/bin/sh and /usr/bin/csh.  If  you  abbreviate
	      the  shell  name,	 the  first entry in the /etc/shells file that
	      matches the shell abbreviation is used.	For  example,  if  you
	      specify  ksh,  and both the /bin/ksh and /usr/bin/ksh shells are
	      in the /etc/shells file, the shell is changed to the shell  that
	      is listed.

	      A	 superuser  can change any user's login shell; other users can
	      only change their own.

DESCRIPTION
       The passwd command changes the password associated with	your  username
       (by default) or the specified username.

       A  password  must  have	at least six characters and can be up to eight
       characters. If you enter more than eight	 characters  when  creating  a
       password,  the  passwd command ignores any characters after the eighth.
       A password can include digits, symbols, and the letters of your	alpha‐
       bet.   It  is  strongly suggested that you include unusual punctuation,
       control characters, or digits in your password. Use of  only  lowercase
       letters is discouraged.

       This  passwd  command  uses the Security Integration Architecture (SIA)
       routine as an interface to the  security	 modules.  When	 entering  the
       passwd command, a user is either prompted for password information or a
       menu is displayed from which the user chooses a password to change. The
       menu  is	 displayed  if	the user's name is recognized by more than one
       registered security module in the SIA.

       When using the menu, users can synchronize all their passwords at  once
       to the same new password. However, passwords of all security mechanisms
       must already be same at the start of the synchronizing process. If  the
       password	 for  each  security mechanisms is different, users must first
       change them individually to be the same.

       If your system is configured into a Kerberos realm,  you	 can  use  the
       passwd  command	to change your Kerberos password because Kerberos is a
       registered security module in the SIA.

       If a user's passwords are not synchronized and they are operating in  a
       Kerberos	 realm and need to use the Kerberos enhancement commands, such
       as rsh, rlogin, and rcp, then they must first enter the	kinit  command
       to obtain a Kerberos Ticket Granting Ticket (TGT).

   ENHANCED SECURITY
       Under  enhanced security the passwd -q command gathers information from
       the enhanced security password and system defaults databases, and  dis‐
       plays the data as follows: name status date min_change max_change

       The  status  field is PS if the user has a password, LK if the user has
       an administrative lock, or NP if the user has no password. The date  is
       the day of the last successful password change in mm/dd/yy format.

       The  min_change field is the period in days, measured from  the date of
       last password change, which must pass before a user can change his user
       account	password.  A  value of	0 means the password may be changed at
       any time. The max_change field is the period in days, measured from the
       date  of	 last password change, for which the password is valid. Adding
       this value to the date of last password change gives the date at	 which
       the password expires and a change will be required.  A value of 0 means
       that the password will never expire.

       When you use the passwd command with enhanced security  installed,  the
       system prompts for the existing password, and begins a password solici‐
       tation dialog that depends on the options for password  generation  the
       administrator  has  enabled  for your account.  There are four possible
       options: A pronounceable password made up of meaningless syllables.  An
       unpronounceable	password made up of random characters from the charac‐
       ter set.	 An unpronounceable password made up of	 random	 letters  from
       the  alphabet.	A  user specified password, which is subject to length
       and triviality restrictions.

       A maximum length is specified for  all  user  passwords.	  The  minimum
       password length depends on several parameters set in the authentication
       databases.

       The system requires a minimum time to elapse before you can change your
       password.  This stops you from reusing an old password too soon.

       A password expires after a period of time known as the expiration time.
       The system warns you when the expiration time is drawing near.

       A password dies after a period of time known as the password  lifetime.
       After the lifetime passes, your account is locked until the administra‐
       tor re-enables it.  After your  user  account  is  unlocked,  you  must
       change your password again before you can use your account.

       When  you  successfully	type  your old password, the system prints the
       last successful and unsuccessful password change times.	Make sure that
       these times are accurate; use them to detect attempted password changes
       by an unauthorized user.

       You can change your own password if the administrator has  enabled  any
       of the password generation options for your account.

       Using the passwd command to reset a user's password does not unlock the
       user's account if the account is locked for  a  reason  other  than  an
       expired password.

       If  a password longer than 8 characters was entered under base security
       and then enhanced security is installed, you must use only the first  8
       characters  of  the  original  password.	 This is because base security
       only used the first 8 characters of the password and the enhanced pass‐
       word is created from the base password.

EXAMPLES
       To change your password, enter: $ passwd

	      You  are prompted for your old password (if it exists).  You are
	      then prompted twice for the new  password.   To  change  general
	      user information, enter: $ chfn

	      The  current  user values are displayed.	Press the Enter key to
	      accept the default value or enter a new value or the  word  none
	      to  leave	 a  field  blank, and press the Enter key.  Name [User
	      Name]: Room Number [3A-41]: 4A-43 Office	Phone  [3-1234]:  Home
	      Phone  [555-1234]:  To  change  only your Kerberos password when
	      your system is configured into a Kerberos realm, enter: $ passwd

	      The following menu is displayed: You  are	 registered  with  the
	      following security mechanisms

	      1	  Kerberos  2  BSD 3  Synchronized update for the above-listed
	      mechanisms

	      [Default selection:  3]

	      Select ONE item by number: 1

	      You have selected: Kerberos

	      Old Kerberos password: New Kerberos  password:  Verify  Kerberos
	      password:

FILES
       Contains	 user information.  The list of approved shells.  Provides the
       matrix  that  selects  the  appropriate	installed   security   module.
       Enhanced	 security  password  database  for  system accounts.  Enhanced
       security password database for user accounts.  Enhanced security's sys‐
       tem defaults database.

SEE ALSO
       Commands:  finger(1),   kinit(1),   kdestroy(1),	  klist(1),  login(1),
       vipw(8), dxaccounts(8), usermod(8)

       Files:  matrix.conf(4), prpasswd(4), passwd(4)

       Guides: Security Administration

								     passwd(1)
[top]

List of man pages available for DigitalUNIX

Copyright (c) for man pages and the logo by the respective OS vendor.

For those who want to learn more, the polarhome community provides shell access and support.

[legal] [privacy] [GNU] [policy] [cookies] [netiquette] [sponsors] [FAQ]
Tweet
Polarhome, production since 1999.
Member of Polarhome portal.
Based on Fawad Halim's script.
....................................................................
Vote for polarhome
Free Shell Accounts :: the biggest list on the net