PASSWD(1) PASSWD(1)
NAME
passwd - change user password
SYNOPSIS
auth/passwd [ -u user ] [ -s signer ] [ keyfile ]
DESCRIPTION
Passwd changes the secret shared between the invoker and the
authentication server signer (default: $SIGNER). The signer
must offer the keysrv(4) service.
The secret is associated with a remote user name that need
not be the same as the name of the invoking user on the
local system. That remote user name is specified by a cer-
tificate signed by signer, and obtained from keyfile.
Keyfile identifies a file containing a certificate (default:
`default'). If keyfile is not an absolute pathname, the
file used will be /usr/user/keyring/keyfile. User by
default is the invoking user's name (read from /dev/user),
but the -u option can name another.
Passwd connects to the signer, authenticating using the cer-
tificate in keyfile, and checks that the user in the cer-
tificate is registered there with an existing secret.
Passwd then prompts for the (remote) user's old secret, to
double-check identity, then prompts for a new one, which
must be confirmed.
Secrets must be at least eight characters long. Try to make
them hard to guess.
FILES
/dev/user current user name
/mnt/keysrv local mount point for connection to remote
keysrv(4)
SOURCE
/appl/cmd/auth/passwd.b
SEE ALSO
keyfs(4), keysrv(4), changelogin(8), logind(8)
Page 1 Plan 9 (printed 10/29/25)