Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages


home | help
PASSWD(5)		  FreeBSD File Formats Manual		     PASSWD(5)

     passwd, master.passwd -- format of	the password file

     The master.passwd file, readable only by root, consists of	newline-sepa-
     rated records, one	per user, containing ten colon separated fields.
     These fields are as follows:

	   name	     User's login name.
	   password  User's encrypted password.
	   uid	     User's login user ID.
	   gid	     User's login group	ID.
	   class     User's general classification (see	login.conf(5)).
	   change    Password change time.
	   expire    Account expiration	time.
	   gecos     General information about the user.
	   home_dir  User's home directory.
	   shell     User's login shell.

     The publicly-readable passwd file is generated from the master.passwd
     file by pwd_mkdb(8) and has the class, change, and	expire fields removed.
     Also, the encrypted password field	is replaced by an asterisk.

     The password files	should never be	edited by hand;	vipw(8)	should be used

     The name field is the login used to access	the computer account, and the
     uid field is the number associated	with it.  They should both be unique
     across the	system (and often across a group of systems) since they	con-
     trol file access.

     While it is possible to have multiple entries with	identical login	names
     and/or identical user IDs,	it is usually a	mistake	to do so.  Routines
     that manipulate these files will often return only	one of the multiple
     entries, and that one by random selection.

     The login name may	be up to 31 characters long.  For compatibility	with
     legacy software, a	login name should start	with a letter and consist
     solely of letters,	numbers, dashes	and underscores.  The login name must
     never begin with a	dash (`-'); also, it is	strongly suggested that	nei-
     ther uppercase characters nor dots	(`.') be part of the name, as this
     tends to confuse mailers.	No field may contain a colon as	this has been
     used historically to separate the fields in the user database.

     The password field	is the encrypted form of the password.	If the
     password field is empty, no password will be required to gain access to
     the machine.  This	is almost invariably a mistake.	 By convention,	ac-
     counts that are not intended to be	logged in to (e.g. bin,	daemon,	sshd)
     only contain a single asterisk in the password field.  Note that there is
     nothing special about `*',	it is just one of many characters that cannot
     occur in a	valid encrypted	password (see crypt(3)).  Similarly, login ac-
     counts not	allowing password authentication but allowing other authenti-
     cation methods, for example public	key authentication, conventionally
     have 13 asterisks in the password field.  Because master.passwd contains
     the encrypted user	passwords, it should not be readable by	anyone without
     appropriate privileges.

     Configuration for the cipher used to encrypt the password information is
     contained in login.conf(5).

     The group field is	the primary group that the user	will be	placed in upon
     login.  Note that the group(5) file may grant the user access to supple-
     mentary groups.

     The class field is	used by	login(1) and other programs to determine which
     entry in the login.conf(5)	database should	be used.

     The change	field is the number in seconds,	GMT, from the Epoch, until the
     password for the account must be changed.	This field may be left empty
     to	turn off the password aging feature.

     The expire	field is the number in seconds,	GMT, from the Epoch, until the
     account expires.  This field may be left empty to turn off	the account
     aging feature.

     The gecos field normally contains comma separated subfields as follows:

	   name	   User's full name.
	   office  User's office location.
	   wphone  User's work phone number.
	   hphone  User's home phone number.

     The full name may contain an ampersand (`&'), which will be replaced by
     the capitalized login name	when the gecos field is	displayed or used by
     various programs such as finger(1), sendmail(8), etc.

     The office	and phone number subfields, if they exist, are used by the
     finger(1) program and possibly by other applications.

     The home_dir field	is the full path name of a directory to	be used	as the
     initial working directory for the user's login shell.  Usually, it	is
     owned by the user and by the user's primary group.

     The shell field is	the command interpreter	the user prefers.  If there is
     nothing in	the shell field, the default shell (/bin/sh) is	assumed.  Ac-
     counts that are not intended to be	logged in to usually have a shell of

     If	YP is active, the passwd file also supports standard YP	exclusions and
     inclusions, based on user names and netgroups.

     Lines beginning with a `-'	(minus sign) are entries marked	as being ex-
     cluded from any following inclusions, which are marked with a `+' (plus

     If	the second character of	the line is a `@' (at sign), the operation in-
     volves the	user fields of all entries in the netgroup specified by	the
     remaining characters of the name field.  Otherwise, the remainder of the
     name field	is assumed to be a specific user name.

     The `+' token may also be alone in	the name field,	which causes all users
     from the passwd.byname and	passwd.byuid YP	maps to	be included.

     If	the entry contains non-empty uid or gid	fields,	the specified numbers
     will override the information retrieved from the YP maps.	Additionally,
     if	the gecos, dir,	or shell entries contain text, it will override	the
     information included via YP.  On some systems, the	passwd field may also
     be	overridden.  It	is recommended that the	standard way to	enable YP
     passwd support in /etc/master.passwd is:


     which after pwd_mkdb(8) will result in /etc/passwd	containing:


     When YP is	enabled	but temporarily	unavailable, login becomes impossible
     for all users except those	having an entry	in the netid(5)	file.

     chpass(1),	login(1), passwd(1), crypt(3), getpwent(3), login.conf(5),
     netgroup(5), netid(5), adduser(8),	Makefile.yp(8),	pwd_mkdb(8), vipw(8),

     Managing NFS and NIS (O'Reilly & Associates)

     A passwd file format first	appeared in Version 1 AT&T UNIX.  The gecos
     field first appeared in Version 3 AT&T UNIX; since	the same version, the
     passwords are encrypted.  The gid field first appeared in Version 5 AT&T
     UNIX; the class, change and expire	fields as well as the master.passwd
     file in 4.3BSD-Reno.

     The YP file format	first appeared in SunOS.

     Placing YP	exclusions in the file after any inclusions does not cancel
     the earlier inclusions.

FreeBSD	13.0		       November	2, 2014			  FreeBSD 13.0


Want to link to this manual page? Use this URL:

home | help