[manual index][section index]


changelogin, convpasswd - create/update the password file


auth/changelogin name

auth/convpasswd [ -f ] [ -v ] [ -m keydir ] [ pwfile ]


Changelogin helps to administer a password file /keydb/keys (see keys(6)), a requirement of `signer' servers (see logind(8), signer(8), and svc/auth in svc(8)). Changelogin can only be used on the signing host itself, after keyfs(4) has been started (eg, by svc/auth) to make the entries visible in the name space.

If a password file entry for name exists, it is modified; otherwise, a new entry is created. The user is prompted for the following items:

A string at least 8 characters in length. The SHA-1 digest of the entered string is stored in the password file. See keyring-sha1(2). By default, the password for an existing entry is unchanged.
expiration date
An expiration time in the format DDMMYYYY. The user input is checked for valid day, month, and year; moreover, the new date must be later than the current time. By default, the current value, if any, is unchanged for an existing entry and one year from the current time for a new entry.

Note that the password expiration date is also used as the default expiration date for any certificate later produced; see getauthinfo(8).

Convpasswd converts a Third Edition password file to the keys(6) file used by the current Edition of the system. It reads password entries from pwfile, /keydb/password by default, and writes corresponding entries into a name space served by keyfs(4), mounted at keydir, /mnt/keys by default. It copies passwords and expiry times. The `free form' administrative data is discarded. If keydir already has got an entry for a user, it is left as-is, unless the -f option is given to force convpasswd to copy across the entry in pwfile . The -v option causes convpasswd to print each user name after it successfully installs it.






passwd(1), keyfs(4), keysrv(4), keys(6), logind(8), signer(8), svc(8)

CHANGELOGIN(8 ) Rev:  Tue Mar 31 02:42:38 GMT 2015