Museum

Home

Lab Overview

Retrotechnology Articles

Online Manuals

⇒ pwd_strengthd(8sec) — DCE 3.1

Media Vault

Software Library

Restoration Projects

Artifacts Sought

pwd_strengthd(8sec)  —  Maintenance

NAME

pwd_strengthd − The sample password management server

SYNOPSIS

pwd_strengthd [+/-all] [+/-alp] [-c size] [-d] [-m pwd_min_len] [-t minutes] [-v]

OPTIONS

+allAllows passwords to be all spaces.  If this option is not set, the effective registry policy is used. 

-allPrevents passwords from being all spaces.  If this option is not set, the effective registry policy is used. 

+alpAllows passwords to consist of only alphanumeric characters.  If this option is not set, the effective registry policy is used. 

-alpPrevents passwords from consisting of only alphanumeric characters.  If this option is not set, the effective registry policy is used. 

-c sizeSpecifies the number of hash buckets in the password cache.  The password cache is used to store generated passwords which are retrieved when the password is strength checked.  The password cache is a hash table with a linked list for collisions.  The size should be set to a reasonable value based on how large the cache will be on average.  The default value if not specified is 100. 

-dRuns pwd_strengthd in the foreground.  Log messages are written to standard output. 

-m pwd_min_len
Specifies the minimum length of a password.  If this option is not set, the effective registry policy is used.

-t minutesSpecifies the time, in minutes, that generated passwords remain in the cache before they are deleted from memory.  If this option is not specified, the default time is 30 minutes. 

-vRuns in verbose mode.  More detailed messages are sent to the log file dcelocal/var/security/pwd_strengthd.log.  (Use of this option is recommended.) 

DESCRIPTION

The pwd_strengthd command is a sample password management server.  It exports the rsec_pwd_mgmt application programming interface. 

The pwd_strengthd command generates passwords and strength-checks them.  It enforces the security registry policy for password strength-checking.  Administrators can override the security registry policy via the command-line options ­+/-alp, ­+/-all, and ­-m. 

Administrators can subject principals to password-strength and -generation policies by attaching the following extended registry attributes (ERAs):

pwd_val_type
Specifies the password management policy the user must conform to when selecting passwords.

pwd_mgmt_binding
Specifies information required in order to connect to the password management server.

See the OSF DCE Administration Guide—Core Components for more information and examples. 

NOTES

You may want to enhance pwd_strengthd to support your site’s policies for password strength and generation. 

RELATED INFORMATION

Commands: passwd_export(8sec), passwd_import(8sec). 

Typewritten Software • bear@typewritten.org • Edmonds, WA 98026