Import sources from 2011-03-30 iso image - sys/man

1 files changed, 59 insertions, 0 deletions

diff --git a/sys/man/1/passwd b/sys/man/1/passwd
new file mode 100755
index 000000000..d15461e3b
--- /dev/null
+++ b/sys/man/1/passwd
@@ -0,0 +1,59 @@
+.TH PASSWD 1
+.SH NAME
+passwd, netkey \- change or verify user password
+.SH SYNOPSIS
+.B passwd
+[
+.IR username [@ domain ]
+]
+.PP
+.B netkey
+.SH DESCRIPTION
+.I Passwd
+changes the invoker's Plan 9 password and/or APOP secret.
+The Plan 9 password is used to login to a terminal while
+the APOP secret is used for a number of external services:
+POP3, IMAP, and VPN access.  The optional argument specifies
+the user name and authentication domain to use if different
+than the one associated with the machine
+.I passwd
+is run on.
+.PP
+The program first prompts for the old Plan 9 password in the specified
+domain to establish
+identity.
+It then prompts for changes to the password and the
+secret.
+New passwords and secrets must be typed twice, to forestall mistakes.
+New passwords must be sufficiently hard to guess.
+They may be of any length greater than seven characters.
+.PP
+.I Netkey
+prompts for a password to encrypt network challenges.
+It is a substitute for a SecureNet box.
+.PP
+These commands may be run only on a terminal, to avoid
+transmitting clear text passwords over the network.
+.SH SOURCE
+.B /sys/src/cmd/auth/passwd.c
+.br
+.B /sys/src/cmd/auth/netkey.c
+.SH "SEE ALSO"
+.I readnvram
+in
+.IR authsrv (2),
+.IR encrypt (2),
+.IR cons (3),
+.IR auth (8),
+.IR securenet (8)
+.PP
+Robert Morris and Ken Thompson,
+``UNIX Password Security,''
+.I AT&T Bell Laboratories Technical Journal
+Vol 63 (1984), pp. 1649-1672
+.SH BUGS
+Now that
+.I cpu
+connections are always encrypted, the only good reason
+to require that these commands be run only on terminals
+is concern that the CPU server might be subverted.