Museum

Home

Lab Overview

Retrotechnology Articles

Online Manuals

⇒ chsh(1) — OSF/1 3.0 αXP

Media Vault

Software Library

Restoration Projects

Artifacts Sought

Related Articles

finger(1)

login(1)

matrix.conf(4)

passwd(4)

passwd(1)  —  Commands

NAME

passwd, chfn, chsh − Changes password file information

SYNOPSIS

passwd [−f | −s] [username]

chfn [username]

chsh [username]

This security-sensitive command uses the SIA (Security Integration Architecture) routine as an interface to the security mechanisms. See the matrix.conf(4) reference page for more information. 

DESCRIPTION

The passwd command changes (or installs) the password associated with your username (by default) or the specified username.  The chfn command changes GECOS information associated with your username or the specified username.  The chsh command changes the login shell of your username or of the specified username.  When altering a password, the program prompts for the current password and then for the new one.  The caller must supply both.  The new password must be typed twice to forestall mistakes. 

Each password must have at least six characters and can include digits, symbols, and the letters of your alphabet.  It is strongly suggested that you include unusual punctuation, control characters, or digits in your password.  Use of only lowercase letters is discouraged.  If you enter more than eight characters when creating a password, the passwd command ignores any characters after the eighth. 

When altering the GECOS information field, chfn displays the current information, broken into fields, as interpreted by the finger program, among others, and prompts for new values.  These fields include a user’s proper name, office room number, office phone number, and home phone number.  Included in each prompt is a default value, which is enclosed in [ ] (brackets).  The default value is accepted simply by pressing <Return>.  To enter a blank field, the word none can be entered. 

The chfn command allows phone numbers to be entered with or without dashes.  It is a good idea to run finger after changing the GECOS information to make sure everything is set up properly. 

A superuser can change anyone’s GECOS information; other users can only change their own. 

When altering a login shell, chsh displays the current login shell and then prompts for the new one.  The new login shell must be one of the approved shells listed in /etc/shells unless you have superuser privileges.  If /etc/shells does not exist, the only shells that can be specified are /usr/bin/sh and /usr/bin/csh. 

A superuser can change anyone’s login shell; normal users can only change their own login shell. 

Security Note

When you use the passwd command, with enhanced security installed, the system prompts for the existing password, and begins a password solicitation dialog that depends on the options for password generation the administrator has enabled for your account.  There are four possible options:

Random syllablesA pronounceable password made up of meaningless syllables. 

Random charactersAn unpronounceable password made up of random characters from the character set. 

Random lettersAn unpronounceable password made up of random letters from the alphabet. 

User suppliedA user specified password, which is subject to length and triviality restrictions. 

A maximum length is spcified for all user passwords.  The minimum password length depends on several parameters set in the authentication databases. 

The system requires a minimum time to elapse before you can change your password.  This stops you from reusing an old password too soon. 

A password expires after a period of time known as the expiration time.  The system warns you when the expiration time is drawing near. 

A password dies after a period of time known as the password lifetime.  After the lifetime passes, your account is locked until the administrator reenables it.  After unlocking, you must change your password again before you can use your account. 

When you successfully type your old password, the system prints the last successful and unsuccessful password change times.  Make sure that these times are accurate; use them to detect attempted password changes by an unauthorized user. 

You can change your own password if the administrator has enabled any of the password generation options for your account. 

See the Security manual for detailed instructions on changing your password. 

End Security Note

FLAGS

−fInvokes the chfn command when given with the passwd command. 

−sInvokes the chsh command when given with the passwd command. 

EXAMPLES

     1.To change your password, enter:

passwd

You are prompted for your old password (if it exists).  You are then prompted twice for the new password.

     2.To change the office number and building values in your GECOS information, enter:

chfn

Your current GECOS values are displayed.  Follow the instructions and change your office number.  For example, enter:

Name [Huan Kim]:
Room Number [3A-41]: 4A-43
Office Phone [3-1234]:
Home Phone [555-1234]:

FILES

/etc/passwdContains user information. 

/etc/shellsThe list of approved shells. 

RELATED INFORMATION

Commands: finger(1), login(1). 

Files: matrix.conf(4), passwd(4). 

Security

Typewritten Software • bear@typewritten.org • Edmonds, WA 98026