PASSWD(1)PASSWD(1)
NAME
passwd, netkey – change or verify user password
SYNOPSIS
passwd
[
username[@domain]
]
netkey
DESCRIPTION
Passwd
changes the invoker’s Plan 9 password and/or APOP secret.
The Plan 9 password is used to login to a terminal while
the APOP secret is used for a number of external services:
POP3, IMAP, and VPN access. The optional argument specifies
the user name and authentication domain to use if different
than the one associated with the machine
passwd
is run on.
The program first prompts for the old Plan 9 password in the specified
domain to establish
identity.
It then prompts for changes to the password and the
secret.
New passwords and secrets must be typed twice, to forestall mistakes.
New passwords must be sufficiently hard to guess.
They may be of any length greater than seven characters.
Netkey
prompts for a password to encrypt network challenges.
It is a substitute for a SecureNet box. It may only be run on a terminal.
SOURCE
/sys/src/cmd/auth/passwd.c
/sys/src/cmd/auth/netkey.c
SEE ALSO
readnvram
in
authsrv(2),
encrypt(2),
cons(3),
auth(8),
securenet(8)
Robert Morris and Ken Thompson,
“UNIX Password Security,”
AT&T Bell Laboratories Technical Journal
Vol 63 (1984), pp. 1649-1672
BUGS
Now that
cpu
connections are always encrypted, the only good reason
to require that these commands be run only on terminals
is concern that the CPU server might be subverted.