xref: /titanic_52/usr/src/man/man1/kpasswd.1 (revision 7aa76ffc594f84c1c092911a84f85a79ddb44c73)
te
Copyright 1987, 1989 by the Student Information Processing Board of the Massachusetts Institute of Technology. For copying and distribution information, please see the file kerberosv5/mit-sipb-copyright.h.
Portions Copyright (c) 2004, Sun Microsystems, Inc. All Rights Reserved
The contents of this file are subject to the terms of the Common Development and Distribution License (the "License"). You may not use this file except in compliance with the License.
You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE or http://www.opensolaris.org/os/licensing. See the License for the specific language governing permissions and limitations under the License.
When distributing Covered Code, include this CDDL HEADER in each file and include the License file at usr/src/OPENSOLARIS.LICENSE. If applicable, add the following below this CDDL HEADER, with the fields enclosed by brackets "[]" replaced with your own identifying information: Portions Copyright [yyyy] [name of copyright owner]
kpasswd 1 "30 Jul 2001" "SunOS 5.11" "User Commands"
NAME
kpasswd - change a user's Kerberos password
SYNOPSIS

/usr/bin/kpasswd [principal]
DESCRIPTION

The kpasswd command is used to change a Kerberos principal's password. kpasswd prompts for the current Kerberos password, which is used to obtain a changepw ticket from the KDC for the user's Kerberos realm. If kpasswd successfully obtains the changepw ticket, the user is prompted twice for the new password, and the password is changed.

If the principal is governed by a policy that specifies the length and/or number of character classes required in the new password, the new password must conform to the policy. (The five character classes are lower case, upper case, numbers, punctuation, and all other characters.)

OPERANDS

The following operand is supported:

principal

Change the password for the Kerberos principal principal. Otherwise, the principal is derived from the identity of the user invoking the kpasswd command.

FILES

/tmp/ovsec_adm.xxxxxx

Temporary credentials cache for the lifetime of the password changing operation. (xxxxxx is a random string.)

ATTRIBUTES

See attributes(5) for descriptions of the following attributes:

ATTRIBUTE TYPEATTRIBUTE VALUE
CSIEnabled
SEE ALSO

kerberos(5)

BUGS

If kpasswd is suspended, the changepw tickets may not be destroyed.