CRYPT.CONF(5) File Formats and Configurations CRYPT.CONF(5)
NAME
crypt.conf - configuration file for pluggable crypt modules
SYNOPSIS
/etc/security/crypt.conf
DESCRIPTION
crypt.conf is the configuration file for the pluggable crypt
architecture. Each crypt module must provide a function to generate
a password hash,
crypt_genhash_impl(3C), and a function to generate
the salt,
crypt_gensalt_impl(3C).
There must be at least one entry in
crypt.conf with the same name as
is stored in the
crypt_algorithm_magic symbol of the module. The
documentation provided with the module should list this name.
The
module_path field specifies the path name to a shared library
object that implements
crypt_genhash_impl(),
crypt_gensalt_impl(),
and
crypt_algorithm_magic. If the path name is not absolute, it is
assumed to be relative to
/usr/lib/security/$ISA. If the path name
contains the
$ISA token, the token is replaced by an implementation-
defined directory name that defines the path relative to the calling
program's instruction set architecture.
The
params field is used to pass module-specific options to the
shared objects. See
crypt_genhash_impl(3C) and
crypt_gensalt_impl(3C). It is the responsibility of the module to
parse and interpret the options. The
params field can be used by the
modules to turn on debugging or to pass any module-specific
parameters that control the output of the hashing algorithm.
EXAMPLES
Example 1: Provide compatibility for md5crypt-generated passwords.
The default configuration preserves previous Solaris behavior while
adding compatibility for md5crypt-generated passwords as provided on
some BSD and Linux systems.
#
# crypt.conf
#
1 /usr/lib/security/$ISA/crypt_bsdmd5.so
Example 2: Use md5crypt to demonstrate compatibility with BSD- and
Linux-based systems.
The following example lists 4 algorithms and demonstrates how
compatibility with BSD- and Linux-based systems using md5crypt is
made available, using the algorithm names 1 and 2.
#
# crypt.conf
#
md5 /usr/lib/security/$ISA/crypt_md5.so
rot13 /usr/lib/security/$ISA/crypt_rot13.so
# For *BSD/Linux compatibility
# 1 is md5, 2 is Blowfish
1 /usr/lib/security/$ISA/crypt_bsdmd5.so
2 /usr/lib/security/$ISA/crypt_bsdbf.so
ATTRIBUTES
See
attributes(7) for descriptions of the following attributes:
+--------------------+-----------------+
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+--------------------+-----------------+
|Interface Stability | Evolving |
+--------------------+-----------------+
SEE ALSO
passwd(1),
crypt(3C),
crypt_genhash_impl(3C),
crypt_gensalt(3C),
crypt_gensalt_impl(3C),
getpassphrase(3C),
passwd(5),
attributes(7),
crypt_unix(7) December 28, 2020 CRYPT.CONF(5)
