1.\" $OpenBSD: login_passwd.8,v 1.7 2003/06/17 21:56:24 millert Exp $
2.\"
3.\" Copyright (c) 2000 Todd C. Miller <Todd.Miller@courtesan.com>
4.\"
5.\" Permission to use, copy, modify, and distribute this software for any
6.\" purpose with or without fee is hereby granted, provided that the above
7.\" copyright notice and this permission notice appear in all copies.
8.\"
9.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16.\"
17.Dd December 11, 2000
18.Dt LOGIN_PASSWD 8
19.Os
20.Sh NAME
21.Nm login_passwd
22.Nd provide standard password authentication type
23.Sh SYNOPSIS
24.Nm login_passwd
25.Op Fl s Ar service
26.Op Fl v Ar wheel=yes|no
27.Op Fl v Ar lastchance=yes|no
28.Ar user
29.Op Ar class
30.Sh DESCRIPTION
31The
32.Nm
33utility is called by
34.Xr login 1 ,
35.Xr su 1 ,
36.Xr ftpd 8 ,
37and others to authenticate the
38.Ar user
39with passwd-style authentication.
40.Pp
41The
42.Ar user
43argument is the login name of the user to be authenticated.
44.Pp
45The
46.Ar service
47argument specifies which protocol to use with the
48invoking program.
49The allowed protocols are
50.Em login ,
51.Em challenge ,
52and
53.Em response .
54(The
55.Em challenge
56protocol is silently ignored but will report success as passwd-style
57authentication is not challenge-response based).
58.Pp
59If the
60.Ar wheel
61argument is specified and is not set to
62.Dq yes ,
63then the user will be rejected as not being in group
64.Dq wheel .
65This is used by
66.Xr su 1 .
67.Pp
68If the
69.Ar lastchance
70argument is specified and is equal to
71.Dq yes ,
72then if the user's password has expired, and it has not been
73expired longer than
74.Dq password-dead
75seconds (see
76.Xr login.conf 5 ) ,
77the user will be able to log in one last time to change the password.
78.Pp
79.Nm
80will prompt the user for a password and report back to the
81invoking program whether or not the authentication was
82successful.
83.Sh SEE ALSO
84.Xr login 1 ,
85.Xr passwd 1 ,
86.Xr su 1 ,
87.Xr login.conf 5 ,
88.Xr ftpd 8
89