mkpwdict - maintain password-strength checking database
/usr/bin/mkpwdict [-s dict1,... ,dictN] [-l minwordlength] [-d destination-path]
The mkpwdict command adds words to the dictionary-lookup database used by pam_authtok_check(7) and passwd(1).
Files containing words to be added to the database can be specified on the command-line using the –s flag.
These source files should have a single word per line. A word should contain only alphanumeric characters; case does not matter. All other characters are discarded. Words shorter than the specified minimum (see below) are skipped. The file /usr/share/lib/dict/words or another spell-checking dictionary can be used as a source file but needs to be processed so that it contains only words with minimum length, by specifying DICTIONMINWORDLENGTH in /etc/default/passwd or the –l option.
If –s is omitted, mkpwdict will use the value of DICTIONLIST specified in /etc/default/passwd (see passwd(1)).
If –l is omitted, mkpwdict will use the value of DICTIONMINWORDLENGTH specified in /etc/default/passwd (see passwd(1)).
The database is created in the directory specified by the –d option. If this option is omitted, mkpwdict uses the value of DICTIONDBDIR specified in /etc/default/passwd (see passwd(1)). The default location is /var/passwd.
The following options are supported:
Specifies a comma-separated list of files containing words to be added to the dictionary-lookup database.
Specifies the minimum dictionary word length, in letters. Words shorter than the specified number will be omitted from the corresponding source file. This option takes a number greater or equal to 2.
Specifies the target location of the dictionary-database.
example$ mkpwdict -s /path/to/dict1,/path/to/dict2 -l 3
This example processes dictionary /path/to/dict1 and skips words from it shorter than 3 letters. Then it processes dictionary /path/to/dict2 and skips words from it shorter than 3 letters. Finally these two dictionaries are merged and written to the default password dictionary location.
See passwd(1).
default destination directory
See attributes(7) for descriptions of the following attributes:
|
passwd(1), attributes(7), pam_authtok_check(7)
The –l option and DICTIONMINWORDLENGTH property were added in Oracle Solaris 11.1.17 and a Solaris 10 patch.
The mkpwdict command was added to Oracle Solaris in Solaris 10 3/05.