Go to main content

man pages section 5: File Formats

Exit Print View

Updated: Thursday, June 13, 2019
 
 

crypt.conf(5)

Name

crypt.conf - configuration file for pluggable crypt modules

Synopsis

/etc/security/crypt.conf

Description

crypt.conf is the configuration file for the pluggable crypt architecture. Each crypt module must provide a function to generate a password hash, crypt_genhash_impl(3C), and a function to generate the salt, crypt_gensalt_impl(3C).

The module_path field specifies the pathname to a shared library object that implements crypt_genhash_impl() and crypt_gensalt_impl(). If the pathname is not absolute, it is assumed to be relative to /usr/lib/security/$ISA. If the pathname contains the $ISA token, the token is replaced by an implementation-defined directory name that defines the path relative to the calling program's instruction set architecture.

The third field is used to pass module-specific options to the shared objects. See crypt_genhash_impl(3C) and crypt_gensalt(3C). It is the responsibility of the module to parse and interpret the options. The params field can be used by the modules to turn on debugging or to pass any module-specific parameters that control the output of the hashing algorithm

Examples

Example 1 Increasing the Work Factor

The following example increases the work factor to 12 for the crypt_bsdbf(7) module.

2a /usr/lib/security/$ISA/crypt_bsdbf.so 12

Example 2 Setting the Rounds

The following example sets the rounds for the crypt_sunmd5(7) module:

md5 /usr/lib/security/$ISA/crypt_sunmd5.so rounds=2000

Example 3 Using the Default /etc/security/crypt.conf

The following default /etc/security/crypt.conf supports five plugins:


1      crypt_bsdmd5.so.1
2a     crypt_bsdbf.so.1
md5    crypt_sunmd5.so.1
5      crypt_sha256.so.1
6      crypt_sha512.so.1

Attributes

See attributes(7) for descriptions of the following attributes:

ATTRIBUTE TYPE
ATTRIBUTE VALUE
Interface Stability
Committed

See Also

passwd(1), crypt(3C), crypt_genhash_impl(3C), crypt_gensalt(3C), crypt_gensalt_impl(3C), getpassphrase(3C), passwd(5), attributes(7), crypt_bsdbf(7), crypt_bsdmd5(7), crypt_sha256(7), crypt_sha512(7), crypt_sunmd5(7), crypt_unix(7)