yppasswd [username]

The yppasswd utility changes the network password associated with the user username in the Network Information Service (NIS) database. If the user has done a keylogin(1), and a publickey/secretkey pair exists for the user in the NIS publickey.byname map, yppasswd also re-encrypts the secretkey with the new password. The NIS password may be different from the local one on your own machine.

yppasswd prompts for the old NIS password, and then for the new one. You must type in the old password correctly for the change to take effect. The new password must be typed twice, to forestall mistakes.

New passwords must be at least four characters long, if they use a sufficiently rich alphabet, and at least six characters long if monocase. These rules are relaxed if you are insistent enough. Only the owner of the name or the super-user may change a password; superuser on the root master will not be prompted for the old password, and does not need to follow password construction requirements.

The NIS password daemon, rpc.yppasswdd must be running on your NIS server in order for the new password to take effect.

keylogin(1), login(1), passwd(1), getpwnam(3C), getspnam(3C), secure_rpc(3NSL), nsswitch.conf(4), attributes(5)

Even after the user has successfully changed his or her password using this command, the subsequent login(1) using the new password will be successful only if the user's password and shadow information is obtained from NIS. See getpwnam(3C), getspnam(3C), and nsswitch.conf(4).

The use of yppasswd is discouraged, as it is now only a wrapper around the passwd(1) command, which should be used instead. Using passwd(1) with the -r nis option will achieve the same results, and will be consistent across all the different name services available.

The update protocol passes all the information to the server in one RPC call, without ever looking at it. Thus, if you type your old password incorrectly, you will not be notified until after you have entered your new password.