English
- PWDAUTH() Minix Programmer's Manual PWDAUTH()
- NAME
- pwdauth - password authentication program
- SYNOPSIS
- /usr/lib/pwdauth
- DESCRIPTION
- Pwdauth is a program that is used by the crypt(3) function to do the hard
- work. It is a setuid root utility so that it is able to read the shadow
- password file.
- Pwdauth expects on standard input two null terminated strings, the
- password typed by the user, and the salt. That is, the two arguments of
- the crypt function. The input read in a single read call must be 1024
- characters or less including the nulls. Pwdauth takes one of two actions
- depending on the salt.
- If the salt has the form "##user" then the user is used to index the
- shadow password file to obtain the encrypted password. The input
- password is encrypted with the one-way encryption function contained
- within pwdauth and compared to the encrypted password from the shadow
- password file. If equal then pwdauth returns the string "##user" with
- exit code 0, otherwise exit code 2 to signal failure. The string
- "##user" is also returned if both the shadow password and the input
- password are null strings to allow a password-less login.
- If the salt is not of the form "##user" then the password is encrypted
- and the result of the encryption is returned. If salt and password are
- null strings then a null string is returned.
- The return value is written to standard output as a null terminated
- string of 1024 characters or less including the null.
- The exit code is 1 on any error.
- SEE ALSO
- crypt(3), passwd(5).
- NOTES
- A password must be checked like in this example:
- pw_ok = (strcmp(crypt(key, pw->pw_passwd), pw->pw_passwd) == 0);
- The second argument of crypt must be the entire encrypted password and
- not just the two character salt.
- 1
- PWDAUTH() Minix Programmer's Manual PWDAUTH()
- AUTHOR
- Kees J. Bot (kjb@cs.vu.nl)
- 2
