NAME
passwd, chfn, chsh - change local or NIS password informa-
tion
SYNOPSIS
passwd [ -l | -y ] [ -afs ] [ -d [ username ] ] [ -e user-
name ]
[ -F filename ] [ -n numdays username ]
[ -x numdays username ] [ username ]
chfn [ -l | -y ] [ -f ] [ -F filename ] [ username ]
chsh [ -l | -y ] [ -s ] [ -F filename ] [ username ]
DESCRIPTION
passwd changes (or installs) a password, login shell (-s
option), or full name (-f option) associated with the user
username (your own by default). chsh is equivalent to
passwd with the -s option, and chfn is equivalent to passwd
with the -f option.
Use `passwd -y' or yppasswd(1) to change your password in
the Network Information Service (NIS). This will not affect
your local password, or your password on any remote machines
on which you have accounts. passwd calls yppasswd automati-
cally if you do not have an entry in the local passwd file,
and the -l option is not specified.
When changing a password, passwd prompts for the old pass-
word and then for the new one. You must supply both, and
the new password must be typed twice to forestall mistakes.
If password aging is enabled, the first time an ordinary
user enters the new password passwd checks to see if the old
password has "aged" sufficiently. Password "aging" is the
amount of time (usually a certain number of days) that must
elapse between password changes. If "aging" is insufficient
the new password is rejected and passwd terminates.
New passwords should be at least five characters long, if
they combine upper-case and lower-case letters, or at least
six characters long if in monocase. Users that persist in
entering shorter passwords are compromising their own secu-
rity. The number of significant characters in a password is
eight, although longer passwords will be accepted.
Only the owner of the name or the super-user may change a
password; the owner must prove he knows the old password.
The super-user can change any password and is not forced to
comply with password aging requirements.
When changing a login shell, passwd displays the current
login shell and then prompts for the new one. The new login
shell must be one of the approved shells listed in
/etc/shells unless you are the super-user. If /etc/shells
does not exist, the only shells that may be specified are
/bin/sh and /bin/csh.
The super-user may change anyone's login shell; normal users
may only change their own login shell.
When changing a full name, passwd displays the current full
name, enclosed between brackets, and prompts for a new full
name. If you type a RETURN, the full name is not changed.
If the full name is to be made blank, you must type the word
"none".
The super-user may change anyone's full name; normal users
may only change their own.
OPTIONS
-a Display the name and aging information for all users.
Can only be invoked by the super-user.
-f Change the full name.
-l Change the local password, login shell, or full name.
If username exists in the local passwd file, this is
the default.
-s Change the login shell.
-y Change passwd, login shell, or full name in the NIS
database.
-d [username]
Display the name and aging information for the caller
or the user specified if the invoker has the right
privileges.
-e username
Expire the password for the user name specified. Can
only be invoked by the super-user.
-F filename
Treat filename as the password file.
-n numdays username
Set the maturity time of the password for username.
Passwords that have not "aged" enough cannot be
changed. Can only be set by the super-user.
-x numdays username
Set the expiration time of the password for username.
Can only be set by the super-user.
FILES
/etc/passwd file containing all of this information
/etc/shells list of approved shells
SEE ALSO
finger(1), login(1), yppasswd(1), crypt(3), passwd(5)
NOTES
Password algorithms do not work with 8-bit characters. This
maintains consistency with login file naming rules, which do
not allow 8-bit characters in login names. See login(1) for
explanations about why login is not 8-bit clean.
The Network Information Service (NIS) was formerly known as
Sun Yellow Pages (YP). The functionality of the two remains
the same; only the name has changed.