man(1) Manual page archive


     CHANGELOGIN(8)                                     CHANGELOGIN(8)

     NAME
          changelogin, convpasswd - create/update the password file

     SYNOPSIS
          auth/changelogin name

          auth/convpasswd [ -f ] [ -v ] [ -m keydir ] [ pwfile ]

     DESCRIPTION
          Changelogin helps to administer a password file /keydb/keys
          (see keys(6)), a requirement of `signer' servers (see
          logind(8), signer(8), and svc/auth in svc(8)). Changelogin
          can only be used on the signing host itself, after keyfs(4)
          has been started (eg, by svc/auth) to make the entries visi-
          ble in the name space.

          If a password file entry for name exists, it is modified;
          otherwise, a new entry is created.  The user is prompted for
          the following items:

          password
               A string at least 8 characters in length. The SHA-1
               digest of the entered string is stored in the password
               file. See keyring-sha1(2). By default, the password for
               an existing entry is unchanged.

          expiration date
               An expiration time in the format DDMMYYYY. The user
               input is checked for valid day, month, and year; more-
               over, the new date must be later than the current time.
               By default, the current value, if any, is unchanged for
               an existing entry and one year from the current time
               for a new entry.

          Note that the password expiration date is also used as the
          default expiration date for any certificate later produced;
          see getauthinfo(8).

          Convpasswd converts a Third Edition password file to the
          keys(6) file used by the current Edition of the system.  It
          reads password entries from pwfile, /keydb/password by
          default, and writes corresponding entries into a name space
          served by keyfs(4), mounted at keydir, /mnt/keys by default.
          It copies passwords and expiry times.  The `free form'
          administrative data is discarded.  If keydir already has got
          an entry for a user, it is left as-is, unless the -f option
          is given to force convpasswd to copy across the entry in
          pwfile . The -v option causes convpasswd to print each user
          name after it successfully installs it.

     CHANGELOGIN(8)                                     CHANGELOGIN(8)

     FILES
          /keydb/keys

     SOURCE
          /appl/cmd/auth/changelogin.b

     SEE ALSO
          passwd(1), keyfs(4), keysrv(4), keys(6), logind(8),
          signer(8), svc(8)