

passwd                     File Format                     passwd




Password file format


The file  /etc/passwd holds information  about each user  who has
permission to use  the COHERENT system.  This information is read
by the commands login and  passwd whenever a user attempts to log
in, to ensure that that user  is really himself and not an impos-
tor.

/etc/passwd holds one record for each user; each record, in turn,
consists of seven colon-separated fields, as follows:


        name:password:user_id:group_id:comments:home_dir:shell


name  is  the  user's  login  name.   password is  his  encrypted
password.  user_id is a unique  number that is also used to iden-
tify the  user.  group_id identifies the group  to which the user
belongs,  if any.   comments  holds miscellaneous  data, such  as
names, telephone numbers,  or office numbers.  home_dir gives the
user's home directory.   Finally, shell gives the program that is
first executed when the user  logs on; in most instances, this is
an interactive shell (default, /bbiinn/sshh).

/etc/passwd includes a special entry for remacc.  This entry con-
trols access  to the system by remote devices  (for example, by a
modem).  If  an entry in  file /etc/ttys indicates  that a serial
line is remote (as set by  placing an `r' as the second character
in its entry), COHERENT prompts


        Remote access password:


when a user attempts to log in on that line.

To set the password for remacc, enter the following command while
running as the superuser.


        passwd remacc


***** See Also *****

file formats, passwd (command)

***** Notes *****

/etc/passwd can  be read by anyone: if access  to it were refused
to a  user, he could  not log on.  Thus,  the passwords encrypted
within it can be read and copied by anyone, and so may be vulner-
able to brute-force decryption.  For this reason, close attention


COHERENT Lexicon                                           Page 1




passwd                     File Format                     passwd



should be  paid to passwords: they should not  be common words or
names, preferably  mix cases or  use unique spellings,  and be at
least six characters long.






















































COHERENT Lexicon                                           Page 2


