Standards, Environments, and Macros pam_authtok_check(5)
NAME
pam_authtok_check - authentication and password management module

SYNOPSIS
pam_authtok_check.so.1

DESCRIPTION
pam_authtok_check provides functionality to the Password
Management stack. The implementation of pam_sm_chauthtok()
performs a number of checks on the construction of the newly
entered password. pam_sm_chauthtok() is invoked twice by the
PAM framework, once with flags set to PAM_PRELIM_CHECK, and
once with flags set to PAM_UPDATE_AUTHTOK. This module only
performs its checks during the first invocation. This module
expects the current authentication token in the
PAM_OLDAUTHTOK item, the new (to be checked) password in the
PAM_AUTHTOK item, and the login name in the PAM_USER item.

The checks performed by this module are:

length
    The password length should not be less than the minimum
    specified in /etc/default/passwd.

circular shift
    The password should not be a circular shift of the login
    name. This check may be disabled in /etc/default/passwd.

complexity
    The password should contain at least the minimum number of
    characters described by the parameters MINALPHA,
    MINNONALPHA, MINDIGIT, and MINSPECIAL. Note that
    MINNONALPHA describes the same character classes as
    MINDIGIT and MINSPECIAL combined; therefore the user
    cannot specify both MINNONALPHA and MINSPECIAL (or
    MINDIGIT). The user must choose which of the two options
    to use. Furthermore, the WHITESPACE parameter determines
    whether whitespace characters are allowed. If unspecified,
    MINALPHA is 2, MINNONALPHA is 1, and WHITESPACE is yes.

variation
    The old and new passwords must differ by at least the
    MINDIFF value specified in /etc/default/passwd. If
    unspecified, the default is 3. For accounts in name
    services which support password history checking, if prior
    history is defined, the new password must not match the
    prior passwords.

dictionary check
    The password must not be based on a dictionary word. The
    list of words to be used for the site's dictionary can be
    specified with DICTIONLIST. It should contain a
    comma-separated list of filenames, one word per line. The
    database that is created from these files is stored in the
    directory named by DICTIONDBDIR (defaults to /var/passwd).
    See mkpwdict(1M) for information on pre-generating the
    database. If neither DICTIONLIST nor DICTIONDBDIR is
    specified, no dictionary check is made.

upper/lower case
    The password must contain at least the minimum of upper-
    and lower-case letters specified by the MINUPPER and
    MINLOWER values in /etc/default/passwd. If unspecified,
    the defaults are 0.

maximum repeats
    The password must not contain more consecutively repeating
    characters than specified by the MAXREPEATS value in
    /etc/default/passwd. If unspecified, no repeat character
    check is made.

The following options may be passed to the module:

force_check
    If the PAM_NO_AUTHTOK_CHECK flag is set, force_check
    ignores this flag. The PAM_NO_AUTHTOK_CHECK flag can be
    set to bypass password checks (see pam_chauthtok(3PAM)).

server_policy
    If the account authority for the user, as specified by
    PAM_USER, is not files or NIS, and if server_policy is
    specified, this module does not perform any
    password-strength checks. Instead, it leaves it to the
    account authority to validate the new password against its
    own set of rules.

debug
    syslog(3C) debugging information at the LOG_DEBUG level.
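
The circular shift, complexity, upper/lower case and maximum repeats checks described above, sketched as an added example for auditing a policy file; it is not the module's own code. It assumes exact (case-sensitive) comparison for the circular shift, counts every character that is neither a letter nor a digit as special, and takes MINDIGIT and MINSPECIAL as 0 when only one of them is set; the sample policy text is constructed.

```python
# Added example approximating the documented checks; not the Solaris module's code.
from itertools import groupby

DEFAULTS = {"MINALPHA": 2, "MINUPPER": 0, "MINLOWER": 0, "WHITESPACE": "YES"}

def parse_policy(text):
    """Parse KEY=VALUE lines in the style of /etc/default/passwd, skipping comments."""
    policy = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if "=" in line:
            key, value = line.split("=", 1)
            policy[key.strip()] = value.strip()
    # The page states MINNONALPHA overlaps MINDIGIT and MINSPECIAL, so reject mixing them.
    if "MINNONALPHA" in policy and ("MINDIGIT" in policy or "MINSPECIAL" in policy):
        raise ValueError("MINNONALPHA cannot be combined with MINDIGIT or MINSPECIAL")
    return policy

def check_password(user, new, policy):
    """Return the names of the documented checks that the new password fails."""
    get = lambda k, d=0: int(policy.get(k, DEFAULTS.get(k, d)))
    failed = []
    # Assumption: a circular shift is an exact rotation of the login name.
    if user and len(new) == len(user) and new in user + user:
        failed.append("circular shift")
    alpha = sum(c.isalpha() for c in new)
    digit = sum(c.isdigit() for c in new)
    special = len(new) - alpha - digit  # assumption: anything else is "special"
    if "MINDIGIT" in policy or "MINSPECIAL" in policy:
        classes_ok = digit >= get("MINDIGIT") and special >= get("MINSPECIAL")
    else:
        classes_ok = digit + special >= get("MINNONALPHA", 1)  # documented default 1
    ws_ok = policy.get("WHITESPACE", DEFAULTS["WHITESPACE"]).upper() == "YES"
    if alpha < get("MINALPHA") or not classes_ok or (not ws_ok and any(c.isspace() for c in new)):
        failed.append("complexity")
    upper, lower = sum(c.isupper() for c in new), sum(c.islower() for c in new)
    if upper < get("MINUPPER") or lower < get("MINLOWER"):
        failed.append("upper/lower case")
    longest_run = max((len(list(g)) for _, g in groupby(new)), default=0)
    if "MAXREPEATS" in policy and longest_run > int(policy["MAXREPEATS"]):
        failed.append("maximum repeats")  # no check at all when MAXREPEATS is unset
    return failed

# Constructed sample policy; values chosen for illustration only.
SAMPLE = """
#MINNONALPHA=1
MINALPHA=3
MINDIGIT=1
MINSPECIAL=1
MINUPPER=1
MAXREPEATS=2
WHITESPACE=NO
"""
```
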

RETURN VALUES
If the password in PAM_AUTHTOK passes all tests, PAM_SUCCESS
is returned. If any of the tests fail, PAM_AUTHTOK_ERR is
returned.

FILES
/etc/default/passwd
    See passwd(1) for a description of the contents.

ATTRIBUTES
See attributes(5) for descriptions of the following
attributes:

 ___________________________________________________________
| ATTRIBUTE TYPE              | ATTRIBUTE VALUE             |
|_____________________________|_____________________________|
| Interface Stability         | Committed                   |
|_____________________________|_____________________________|
| MT Level                    | MT-Safe with exceptions     |
|_____________________________|_____________________________|

SEE ALSO
passwd(1), pam(3PAM), mkpwdict(1M), pam_chauthtok(3PAM),
syslog(3C), libpam(3LIB), pam.conf(4), passwd(4), shadow(4),
attributes(5), pam_authtok_get(5), pam_authtok_store(5),
pam_dhkeys(5), pam_passwd_auth(5), pam_unix_account(5),
pam_unix_auth(5), pam_unix_session(5)

NOTES
The interfaces in libpam(3LIB) are MT-Safe only if each
thread within the multi-threaded application uses its own
PAM handle.

The pam_unix(5) module is no longer supported. Similar
functionality is provided by pam_authtok_check(5),
pam_authtok_get(5), pam_authtok_store(5), pam_dhkeys(5),
pam_passwd_auth(5), pam_unix_account(5), pam_unix_auth(5),
and pam_unix_session(5).

SunOS 5.11 Last change: 10 Jun 2010