NAME passwd, chfn, chsh - change local or NIS password informa- tion SYNOPSIS passwd [ -l | -y ] [ -afs ] [ -d [ username ] ] [ -e user- name ] [ -F filename ] [ -n numdays username ] [ -x numdays username ] [ username ] chfn [ -l | -y ] [ -f ] [ -F filename ] [ username ] chsh [ -l | -y ] [ -s ] [ -F filename ] [ username ] DESCRIPTION passwd changes (or installs) a password, login shell (-s option), or full name (-f option) associated with the user username (your own by default). chsh is equivalent to passwd with the -s option, and chfn is equivalent to passwd with the -f option. Use `passwd -y' or yppasswd(1) to change your password in the Network Information Service (NIS). This will not affect your local password, or your password on any remote machines on which you have accounts. passwd calls yppasswd automati- cally if you do not have an entry in the local passwd file, and the -l option is not specified. When changing a password, passwd prompts for the old pass- word and then for the new one. You must supply both, and the new password must be typed twice to forestall mistakes. If password aging is enabled, the first time an ordinary user enters the new password passwd checks to see if the old password has "aged" sufficiently. Password "aging" is the amount of time (usually a certain number of days) that must elapse between password changes. If "aging" is insufficient the new password is rejected and passwd terminates. New passwords should be at least five characters long, if they combine upper-case and lower-case letters, or at least six characters long if in monocase. Users that persist in entering shorter passwords are compromising their own secu- rity. The number of significant characters in a password is eight, although longer passwords will be accepted. Only the owner of the name or the super-user may change a password; the owner must prove he knows the old password. The super-user can change any password and is not forced to comply with password aging requirements. When changing a login shell, passwd displays the current login shell and then prompts for the new one. The new login shell must be one of the approved shells listed in /etc/shells unless you are the super-user. If /etc/shells does not exist, the only shells that may be specified are /bin/sh and /bin/csh. The super-user may change anyone's login shell; normal users may only change their own login shell. When changing a full name, passwd displays the current full name, enclosed between brackets, and prompts for a new full name. If you type a RETURN, the full name is not changed. If the full name is to be made blank, you must type the word "none". The super-user may change anyone's full name; normal users may only change their own. OPTIONS -a Display the name and aging information for all users. Can only be invoked by the super-user. -f Change the full name. -l Change the local password, login shell, or full name. If username exists in the local passwd file, this is the default. -s Change the login shell. -y Change passwd, login shell, or full name in the NIS database. -d [username] Display the name and aging information for the caller or the user specified if the invoker has the right privileges. -e username Expire the password for the user name specified. Can only be invoked by the super-user. -F filename Treat filename as the password file. -n numdays username Set the maturity time of the password for username. Passwords that have not "aged" enough cannot be changed. Can only be set by the super-user. -x numdays username Set the expiration time of the password for username. Can only be set by the super-user. FILES /etc/passwd file containing all of this information /etc/shells list of approved shells SEE ALSO finger(1), login(1), yppasswd(1), crypt(3), passwd(5) NOTES Password algorithms do not work with 8-bit characters. This maintains consistency with login file naming rules, which do not allow 8-bit characters in login names. See login(1) for explanations about why login is not 8-bit clean. The Network Information Service (NIS) was formerly known as Sun Yellow Pages (YP). The functionality of the two remains the same; only the name has changed.