.TH d_passwd "" "" "System Administration"
.PC "Give passwords for devices"
.B /etc/d_passwd
.PP
.II /etc/d_passwd
The \*(CO system lets you force classes of users who log in through particular
devices to enter an extra password.
This helps you protect your system against people
who may be try to break into your system via modem.
.PP
When a user attempts to log in, the command
.B login
check file
.B /etc/dialups
(should it exist) to see if this device is protected by an extra password.
If this file names the device,
.B login
looks in file
.B /etc/d_passwd
to see if that user's shell is associated with an extra password.
If that is so, then
.B login
prompts the user for that password, in addition to his usual password
as set in file
.B /etc/passwd
or
.BR /etc/shadow .
.PP
Each entry in
.B /etc/d_passwd
has the following format:
.DS
	\fIshell\^\fB:\fIpassword\^\fB:\fIcomment\fR
.DE
.PP
If field
.I shell
is empty, then
.B login
applies this password to all users who are using
shells not named elsewhere within
.BR d_passwd .
.PP
The following gives an example of
.BR d_passwd :
.DM
	/usr/lib/uucp/uucico::UUCP logins don't have extra password
	/bin/sh:\fIencrypted password\fP:normal user with interactive shell
	/usr/bin/ksh:\fIencrypted password\fP:normal user with interactive shell
.DE
.PP
.II remacc
To recreate the function of the account
.B remacc
(which
.B login
no longer recognizes as special), set
.B /etc/dialups
to name your dial-up ports, and set
.B d_passwd
to the following:
.DM
	:\fIencrypted_password\^\fP:people/accounts dialing in
.DE
.PP
The following gives the contents of
.B d_passwd
from a typical \*(CO system:
.DM
	:.03qn7EtBd.gi:Default dialup password
	/usr/lib/uucp/uucico:.03qn7EtBd.gi:Dialup password for UUCP
	/bin/sh:.03qn7EtBd.gi:Normal dialup extra password
	/usr/bin/ksh:.03qn7EtBd.gi:Normal dialup extra password
.DE
.PP
The gibberish between the first and second `:' characters are the
encrypted passwords.
Note that this user has given the same password to each shell upon
dialing up.
This probably is a mistake.
.SH "See Also"
.Xr "Administering COHERENT," administe
.Xr "dialups," dialups
.Xr "login" login
