Contains configuration information for loadable password algorithms (LPA).
The /etc/security/pwdalg.cfg file is an ASCII file that contains stanzas of configuration information for loadable password algorithms (LPA). Each stanza has a name, followed by a colon (:), which defines an LPA. An LPA name is used in the /etc/security/login.cfg file to specify the default system-wide password algorithm. Attributes are in the form Attribute=Value. Each attribute ends with a newline character, and each stanza ends with an additional newline character. For an example of a stanza, see Examples.
Attribute | Definition |
---|---|
lpa_module | Defines the path of the LPA to load. If you do not specify a full path, the /usr/lib/security directory is prefixed for 32-bit. The full path of the 64-bit load module is the full path of the 32-bit module suffixed with _64. |
lpa_options | Specifies an optional attribute that provides a means to communicate run-time configuration options to the load module. The value is a comma-separated list of items. Options that can be used are specific to the LPA that you specify in the lpa_module attribute. The optional flags for each LPA module are described in the product documentation for that LPA. |
Read and write access is granted to the root user and members of the security group.
*******************************************************************************
*
* /usr/lib/security/smd5 is a password hashing load module using
* the MD5 algorithm.
*
* It supports password length up to 255 characters.
*
* To generate smd5 password hash compatible to standard salted MD5,
* add the following option line for smd5 stanza.
* lpa_options = std_hash=true
*
* Note: password hash generated with this option won't be compatible with
* hash generated without this option.
*
*******************************************************************************
smd5:
lpa_module = /usr/lib/security/smd5
ssha256:
lpa_module = /usr/lib/security/ssha
lpa_options = algorithm=sha256,cost_num=9,salt_len=24
Item | Description |
---|---|
/etc/security/pwdalg.cfg | Specifies the path to the file. |
/etc/security/login.cfg | Contains configuration information for login and user authentication. |
/etc/passwd | Contains the basic attributes of users. |
/etc/security/passwd | Contains password information. |