Go to main content

man pages section 8: System Administration Commands

Exit Print View

Updated: Thursday, June 13, 2019
 
 

mkpwdict(8)

Name

mkpwdict - maintain password-strength checking database

Synopsis

/usr/bin/mkpwdict [-s 
dict1,... ,dictN] 
     [-d destination-path]

Description

The mkpwdict command adds words to the dictionary-lookup database used by pam_authtok_check(7) and passwd(1).

Files containing words to be added to the database can be specified on the command-line using the –s flag.

These source files should have a single word per line. A word should contain only alphanumeric characters; case does not matter. All other characters are discarded. Words shorter than the specified minimum (see below) are skipped. The file /usr/share/lib/dict/words or another spell-checking dictionary can be used as a source file but needs to be processed first so that it contains only words with minimum length, by specifying DICTIONMINWORDLENGTH or "–l" option.

If –s is omitted, mkpwdict will use the value of DICTIONLIST specified in /etc/default/passwd (see passwd(1)).

If –l is omitted, mkpwdict will use the value of DICTIONMINWORDLENGTH specified in /etc/default/passwd (see passwd(1)).

The database is created in the directory specified by the –d option. If this option is omitted, mkpwdict uses the value of DICTIONDBDIR specified in /etc/default/passwd (see passwd(1)). The default location is /var/passwd.

Options

The following options are supported:

–s

Specifies a comma-separated list of files containing words to be added to the dictionary-lookup database.

–l

Specifies the minimum dictionary word length. Words shorter than the specified number will be omitted from the corresponding source file. This option takes a number greater or equal to 2 [letters].

–d

Specifies the target location of the dictionary-database.

Examples

Example 1 Using Two Spell-checking Dictionaries and Filtering Them to Contain Only Words not Shorter Than 3 Letters
example$ mkpwdict -s /path/to/dict1,/path/to/dict2 -l 3

This example processes dictionary /path/to/dict1 and skips words from it shorter than 3 letters. Then it processes dictionary /path/to/dict2 and skips words from it shorter than 3 letters. Finally these two dictionaries are merged and written to the default password dictionary location.

Files

/etc/default/passwd

See passwd(1).

/var/passwd

default destination directory

Attributes

See attributes(7) for descriptions of the following attributes:

ATTRIBUTE TYPE
ATTRIBUTE VALUE
Availability
system/core-os
Interface Stability
Committed

See Also

passwd(1), attributes(7), pam_authtok_check(7)