3 .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
4 .\" Generator: DocBook XSL Stylesheets v1.75.2 <http://docbook.sf.net/>
6 .\" Manual: Anv\(:andarkommandon
7 .\" Source: Anv\(:andarkommandon
10 .TH "PASSWD" "1" "16-02-2011" "Anv\(:andarkommandon" "Anv\(:andarkommandon"
11 .\" -----------------------------------------------------------------
12 .\" * Define some portability stuff
13 .\" -----------------------------------------------------------------
14 .\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
15 .\" http://bugs.debian.org/507673
16 .\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html
17 .\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
20 .\" -----------------------------------------------------------------
21 .\" * set default formatting
22 .\" -----------------------------------------------------------------
23 .\" disable hyphenation
25 .\" disable justification (adjust text to left margin only)
27 .\" -----------------------------------------------------------------
28 .\" * MAIN CONTENT STARTS HERE *
29 .\" -----------------------------------------------------------------
31 passwd \- \(:andra anv\(:andarl\(:osenord
33 .HP \w'\fBpasswd\fR\ 'u
34 \fBpasswd\fR [\fIflaggor\fR] [\fIINLOGGNINGSNAMN\fR]
39 command changes passwords for user accounts\&. A normal user may only change the password for his/her own account, while the superuser may change the password for any account\&.
41 also changes the account or associated password validity period\&.
42 .SS "L\(:osenords\(:andringar"
44 The user is first prompted for his/her old password, if one is present\&. This password is then encrypted and compared against the stored password\&. The user has only one chance to enter the correct password\&. The superuser is permitted to bypass this step so that forgotten passwords may be changed\&.
46 Efter att l\(:osenordet har matats in kontrolleras l\(:osenordets \(oaldringsinformation f\(:or att se om anv\(:andaren till\(oats att \(:andra l\(:osenord f\(:or tillf\(:allet\&. Om inte, nekar
48 att \(:andra l\(:osenordet och avslutas\&.
50 Anv\(:andaren fr\(oagas sedan tv\(oa g\(oanger efter ett ers\(:attande l\(:osenord\&. Den andra inmatningen j\(:amf\(:ors mot den f\(:orsta och b\(oada m\(oaste st\(:amma \(:overens f\(:or att l\(:osenordet ska \(:andras\&.
52 Sedan testas l\(:osenordet f\(:or sin komplexitet\&. Som en allm\(:an riktlinje b\(:or l\(:osenord inneh\(oalla 6 till 8 tecken och inkluderas ett eller flera tecken fr\(oan var och en av f\(:oljande punkter:
62 gemena bokst\(:aver ur alfabetet
87 T\(:ank p\(oa att inte inkludera systemets standardtecken f\(:or radering eller d\(:oda\&.
89 kommer att neka alla l\(:osenord som inte har l\(:amplig komplexitet\&.
90 .SS "Tips f\(:or anv\(:andarl\(:osenord"
92 The security of a password depends upon the strength of the encryption algorithm and the size of the key space\&. The legacy
94 System encryption method is based on the NBS DES algorithm\&. More recent methods are now recommended (see
95 \fBENCRYPT_METHOD\fR)\&. The size of the key space depends upon the randomness of the password which is selected\&.
97 Problem i l\(:osenordss\(:akerheten brukar normalt komma fr\(oan slarvigt valda l\(:osenord eller hantering\&. Av denna anledning b\(:or du inte v\(:alja ett l\(:osenord som finns i en ordbok eller som m\(oaste skrivas ner\&. L\(:osenordet b\(:or heller inte vara ett korrekt namn, ditt personnummer, f\(:odelsedatum eller gatuadress\&. Dessa kan anv\(:andas som gissningar f\(:or att ta sig in i systemet\&.
99 You can find advices on how to choose a strong password on http://en\&.wikipedia\&.org/wiki/Password_strength
102 Flaggorna som g\(:aller f\(:or kommandot
106 \fB\-a\fR, \fB\-\-all\fR
108 Denna flagga kan endast anv\(:andas med
110 och g\(:or att status visas f\(:or alla anv\(:andare\&.
113 \fB\-d\fR, \fB\-\-delete\fR
115 Ta bort en anv\(:andares l\(:osenord (g\(:or det blankt)\&. Detta \(:ar ett snabbt s\(:att att inaktivera ett l\(:osenord f\(:or ett konto\&. Det kommer att ta bort det angivna kontots l\(:osenord\&.
118 \fB\-e\fR, \fB\-\-expire\fR
120 L\(:osenordet f\(:or ett konto s\(:atts omedelbart som utg\(oanget\&. Detta kan tvinga en anv\(:andare att \(:andra sitt l\(:osenord vid n\(:asta inloggningsf\(:ors\(:ok\&.
123 \fB\-h\fR, \fB\-\-help\fR
125 Visa hj\(:alpmeddelande och avsluta\&.
128 \fB\-i\fR, \fB\-\-inactive\fR\fIINAKTIV\fR
130 Denna flagga anv\(:ands f\(:or att inaktivera ett konto efter att l\(:osenordet har varit utg\(oanget i ett antal dagar\&. Efter att ett anv\(:andarkonto har haft ett utg\(oanget l\(:osenord i
132 dagar f\(oar anv\(:andaren inte l\(:angre logga in med detta konto\&.
135 \fB\-k\fR, \fB\-\-keep\-tokens\fR
137 Indicate password change should be performed only for expired authentication tokens (passwords)\&. The user wishes to keep their non\-expired tokens as before\&.
140 \fB\-l\fR, \fB\-\-lock\fR
142 Lock the password of the named account\&. This option disables a password by changing it to a value which matches no possible encrypted value (it adds a \(aa!\(aa at the beginning of the password)\&.
144 Note that this does not disable the account\&. The user may still be able to login using another authentication token (e\&.g\&. an SSH key)\&. To disable the account, administrators should use
145 \fBusermod \-\-expiredate 1\fR
146 (this set the account\*(Aqs expire date to Jan 2, 1970)\&.
148 Users with a locked password are not allowed to change their password\&.
151 \fB\-n\fR, \fB\-\-mindays\fR \fIMIN_DAYS\fR
153 S\(:atter minimalt antal dagar mellan l\(:osenords\(:andringar till
154 \fIMIN_DAGAR\fR\&. Ett nollv\(:arde f\(:or detta f\(:alt betyder att anv\(:andaren kan \(:andra sitt l\(:osenord n\(:ar som helst\&.
157 \fB\-q\fR, \fB\-\-quiet\fR
162 \fB\-r\fR, \fB\-\-repository\fR\fIF\(:ORR\(oAD\fR
169 \fB\-S\fR, \fB\-\-status\fR
171 Display account status information\&. The status information consists of 7 fields\&. The first field is the user\*(Aqs login name\&. The second field indicates if the user account has a locked password (L), has no password (NP), or has a usable password (P)\&. The third field gives the date of the last password change\&. The next four fields are the minimum age, maximum age, warning period, and inactivity period for the password\&. These ages are expressed in days\&.
174 \fB\-u\fR, \fB\-\-unlock\fR
176 Unlock the password of the named account\&. This option re\-enables a password by changing the password back to its previous value (to the value before using the
181 \fB\-w\fR, \fB\-\-warndays\fR\fIVARN_DAGAR\fR
183 S\(:atter antalet dagar f\(:or varning f\(:ore ett l\(:osenord beh\(:over \(:andras\&. Flaggan
185 \(:ar antalet dagar f\(:ore anv\(:andaren varnas om att l\(:osenordet \(:ar p\(oa v\(:ag att bli utg\(oanget\&.
188 \fB\-x\fR, \fB\-\-maxdays\fR\fIMAX_DAGAR\fR
190 S\(:atter maximalt antal dagar som ett l\(:osenord ska vara giltigt\&. Efter
192 kr\(:avs det att l\(:osenordet \(:andras\&.
196 Password complexity checking may vary from site to site\&. The user is urged to select a password as complex as he or she feels comfortable with\&.
198 Users may not be able to change their password on a system if NIS is enabled and they are not logged into the NIS server\&.
201 The following configuration variables in
203 change the behavior of this tool:
205 \fBENCRYPT_METHOD\fR (string)
207 This defines the system default encryption algorithm for encrypting passwords (if no algorithm are specified on the command line)\&.
209 It can take one of these values:
256 Note: this parameter overrides the
261 \fBMD5_CRYPT_ENAB\fR (boolean)
263 Indicate if passwords must be encrypted using the MD5\-based algorithm\&. If set to
264 \fIyes\fR, new passwords will be encrypted using the MD5\-based algorithm compatible with the one used by recent releases of FreeBSD\&. It supports passwords of unlimited length and longer salt strings\&. Set to
266 if you need to copy encrypted passwords to other systems which don\*(Aqt understand the new algorithm\&. Default is
269 This variable is superceded by the
271 variable or by any command line option used to configure the encryption algorithm\&.
273 This variable is deprecated\&. You should use
274 \fBENCRYPT_METHOD\fR\&.
277 \fBOBSCURE_CHECKS_ENAB\fR (boolean)
279 Enable additional checks upon password changes\&.
282 \fBPASS_ALWAYS_WARN\fR (boolean)
284 Warn about weak passwords (but still allow them) if you are root\&.
287 \fBPASS_CHANGE_TRIES\fR (number)
289 Maximum number of attempts to change password if rejected (too easy)\&.
292 \fBPASS_MAX_LEN\fR (number), \fBPASS_MIN_LEN\fR (number)
294 Number of significant characters in the password for crypt()\&.
296 is 8 by default\&. Don\*(Aqt change unless your crypt() is better\&. This is ignored if
302 \fBSHA_CRYPT_MIN_ROUNDS\fR (number), \fBSHA_CRYPT_MAX_ROUNDS\fR (number)
309 \fISHA512\fR, this defines the number of SHA rounds used by the encryption algorithm by default (when the number of rounds is not specified on the command line)\&.
311 With a lot of rounds, it is more difficult to brute forcing the password\&. But note also that more CPU resources will be needed to authenticate users\&.
313 If not specified, the libc will choose the default number of rounds (5000)\&.
315 The values must be inside the 1000\-999999999 range\&.
318 \fBSHA_CRYPT_MIN_ROUNDS\fR
320 \fBSHA_CRYPT_MAX_ROUNDS\fR
321 values is set, then this value will be used\&.
324 \fBSHA_CRYPT_MIN_ROUNDS\fR
326 \fBSHA_CRYPT_MAX_ROUNDS\fR, the highest value will be used\&.
332 Anv\(:andarkontoinformation\&.
337 S\(:aker anv\(:andarkontoinformation\&.
342 Shadow password suite configuration\&.
344 .SH "AVSLUTNINGSV\(:ARDEN"
348 avslutas med f\(:oljande v\(:arden:
362 ogiltig kombination av flaggor
367 ov\(:antat fel, ingenting har genomf\(:orts
372 ov\(:antat fel, filen
381 \(:ar upptagen, f\(:ors\(:ok igen
386 ogiltigt argument till flagga