+2009-04-27 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/groupmod.8.xml, man/usermod.8.xml, man/groupadd.8.xml,
+ man/useradd.8.xml: Added note to warn about insecurity in using
+ --password.
+ * man/groupmod.8.xml: Removed not regarding default if --password
+ is not used. This was a cut&paste from groupadd.8.xml.
+ * man/passwd.1.xml: Split some paragraphs.
+ * man/passwd.1.xml: Recommend other encryption methods than DES.
+
2009-04-27 Nicolas François <nicolas.francois@centraliens.net>
* src/login.c: Move update_utmp() after the PID or session ID
<?xml version="1.0" encoding="UTF-8"?>
<!--
Copyright (c) 1991 , Julianne Frances Haugh
- Copyright (c) 2007 - 2008, Nicolas François
+ Copyright (c) 2007 - 2009, Nicolas François
All rights reserved.
Redistribution and use in source and binary forms, with or without
<refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum>
</citerefentry>. The default is to disable the password.
</para>
+ <para>
+ <emphasis role="bold">Note:</emphasis> This option is not
+ recommended because the password (or encrypted password) will
+ be visible by users listing the processes.
+ </para>
</listitem>
</varlistentry>
<varlistentry>
<?xml version="1.0" encoding="UTF-8"?>
<!--
Copyright (c) 1991 , Julianne Frances Haugh
- Copyright (c) 2007 - 2008, Nicolas François
+ Copyright (c) 2007 - 2009, Nicolas François
All rights reserved.
Redistribution and use in source and binary forms, with or without
<para>
The encrypted password, as returned by <citerefentry>
<refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum>
- </citerefentry>. The default is to disable the password.
+ </citerefentry>.
+ </para>
+ <para>
+ <emphasis role="bold">Note:</emphasis> This option is not
+ recommended because the password (or encrypted password) will
+ be visible by users listing the processes.
</para>
</listitem>
</varlistentry>
<?xml version="1.0" encoding="UTF-8"?>
<!--
Copyright (c) 1989 - 1994, Julianne Frances Haugh
- Copyright (c) 2007 - 2008, Nicolas François
+ Copyright (c) 2007 - 2009, Nicolas François
All rights reserved.
Redistribution and use in source and binary forms, with or without
<title>Hints for user passwords</title>
<para>
The security of a password depends upon the strength of the
- encryption algorithm and the size of the key space. The
+ encryption algorithm and the size of the key space. The legacy
<emphasis>UNIX</emphasis> System encryption method is based on the
- NBS DES algorithm and is very secure. The size of the key space
+ NBS DES algorithm. More recent methods are now recommended (see
+ <option>ENCRYPT_METHOD</option>). The size of the key space
depends upon the randomness of the password which is selected.
</para>
<refsect1 id='caveats'>
<title>CAVEATS</title>
<para>
- Not all options may be supported. Password complexity checking may
+ Password complexity checking may
vary from site to site. The user is urged to select a password as
- complex as he or she feels comfortable with. Users may not be able to
+ complex as he or she feels comfortable with.
+ </para>
+ <para>
+ Users may not be able to
change their password on a system if NIS is enabled and they are not
logged into the NIS server.
</para>
<refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum>
</citerefentry>. The default is to disable the account.
</para>
+ <para>
+ <emphasis role="bold">Note:</emphasis> This option is not
+ recommended because the password (or encrypted password) will
+ be visible by users listing the processes.
+ </para>
</listitem>
</varlistentry>
<varlistentry>
<refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum>
</citerefentry>.
</para>
+ <para>
+ <emphasis role="bold">Note:</emphasis> This option is not
+ recommended because the password (or encrypted password) will
+ be visible by users listing the processes.
+ </para>
</listitem>
</varlistentry>
<varlistentry>
projects / shadow / commitdiff