crypt.conf - configuration file for pluggable crypt modules




     crypt.conf is the configuration file for the pluggable crypt
     architecture.   Each crypt module must provide a function to
     generate a  password  hash,  crypt_genhash_impl(3C),  and  a
     function to generate the salt, crypt_gensalt_impl(3C).

     There must be at least one entry in crypt.conf with the same
     name as is stored in the crypt_algorithm_magic symbol of the
     module. The documentation provided with  the  module  should
     list this name.

     The module_path field specifies the path name  to  a  shared
     library   object   that   implements   crypt_genhash_impl(),
     crypt_gensalt_impl(),  and  crypt_algorithm_magic.   If  the
     path  name  is not absolute, it is assumed to be relative to
     /usr/lib/security/$ISA.  If the path name contains the  $ISA
     token,  the  token  is replaced by an implementation-defined
     directory name that defines the path relative to the calling
     program's instruction set architecture.

     The params field is used to pass module-specific options  to
     the   shared   objects.   See   crypt_genhash_impl(3C)   and
     crypt_gensalt_impl(3C).  It is  the  responsibility  of  the
     module to parse and interpret the options.  The params field
     can be used by the modules to turn on debugging or  to  pass
     any  module-specific  parameters  that control the output of
     the hashing algorithm.


     Example  1:  Provide  compatibility  for  md5crypt-generated

     The  default  configuration   preserves   previous   Solaris
     behavior  while  adding compatibility for md5crypt-generated
     passwords as provided on some BSD and Linux systems.

     # crypt.conf
     1 /usr/lib/security/$ISA/

     Example 2: Use md5crypt to  demonstrate  compatibility  with
     BSD- and Linux-based systems.

     The following example lists 4  algorithms  and  demonstrates
     how  compatibility  with  BSD- and Linux-based systems using
     md5crypt is made available, using the algorithm names 1  and

     # crypt.conf
     md5 /usr/lib/security/$ISA/
     rot13 /usr/lib/security/$ISA/

     # For *BSD/Linux compatibilty
     # 1 is md5,  2 is Blowfish
     1 /usr/lib/security/$ISA/
     2 /usr/lib/security/$ISA/


     See attributes(5) for descriptions of the  following  attri-

    |       ATTRIBUTE TYPE        |       ATTRIBUTE VALUE       |
    | Interface Stability         | Evolving                    |


     passwd(1),        crypt(3C),         crypt_genhash_impl(3C),
     crypt_gensalt(3C),                   crypt_gensalt_impl(3C),
     getpassphrase(3C), passwd(4), attributes(5), crypt_unix(5)

Man(1) output converted with man2html