srptool(1) [debian man page]
srptool(1) General Commands Manual srptool(1) NAME
srptool - Simple SRP password tool SYNOPSIS
srptool [options] DESCRIPTION
Very simple program that emulates the programs in the Stanford SRP (Secure Remote Password) libraries using GnuTLS. It is intended for use in places where you don't expect SRP authentication to be the used for system users. In brief, to use SRP you need to create two files. These are the password file that holds the users and the verifiers associated with them and the configuration file to hold the group parameters (called tpasswd.conf). OPTIONS
--bits BITS specify the number of bits for prime numbers (used only when the --create-conf option is used). --create-conf FILE Generate a tpasswd.conf file. -h, --help Prints a short reminder of the command line options. -i, --index INDEX Specify the index of the parameters in tpasswd.conf to use. -p, --passwd FILE Specify a password file. -c, --passwd-conf FILE Specify a password configuration file. -s, --salt SALT Specify salt size for crypt algorithm. -u, --username username Specify username. --verify Just verify password. EXAMPLES
To create tpasswd.conf which holds the g and n values for SRP protocol (generator and a large prime), run: $ srptool --create-conf /etc/tpasswd.conf This command will create /etc/tpasswd and will add user 'test' (you will also be prompted for a password). Verifiers are stored by default in the way libsrp expects. $ srptool --passwd /etc/tpasswd --passwd-conf /etc/tpasswd.conf -u test This command will check against a password. If the password matches the one in /etc/tpasswd you will get an ok. $ srptool --passwd /etc/tpasswd --passwd-conf /etc/tpasswd.conf --verify -u test AUTHOR
Nikos Mavrogiannopoulos <nmav@gnutls.org> and others; see /usr/share/doc/gnutls-bin/AUTHORS for a complete list. This manual page was written by Ivo Timmermans <ivo@debian.org>, for the Debian GNU/Linux system (but may be used by others). February 21st 2005 srptool(1)
Check Out this Related Man Page
crypt_sunmd5(5) Standards, Environments, and Macros crypt_sunmd5(5) NAME
crypt_sunmd5 - password hashing module using MD5 message hash algorithm SYNOPSIS
/usr/lib/security/$ISA/crypt_sunmd5.so DESCRIPTION
The crypt_sunmd5 module is a one-way password hashing module for use with crypt(3C) that uses the MD5 message hash algorithm. The algorithm identifier for crypt.conf(4) and policy.conf(4) is md5. This module is designed to make it difficult to crack passwords that use brute force attacks based on high speed MD5 implementations that use code inlining, unrolled loops, and table lookup. The maximum password length for crypt_sunmd5 is 255 characters. The following options can be passed to the module by means of crypt.conf(4): rounds=<positive_number> Specifies the number of additional rounds of MD5 to use in generation of the salt; the default number of rounds is 4096. Negative values have no effect and are ignored, that is, the number of rounds cannot be lowered below 4096. The number of additional rounds is stored in the salt string returned by crypt_gensalt(3C). For example: $md5,rounds=1000$nlxmTTpz$ When crypt_gensalt(3C) is being used to generate a new salt, if the number of additional rounds configured in crypt.conf(4) is greater than that in the old salt, the value from crypt.conf(4) is used instead. This allows for migration to stronger (but more time-consuming) salts on password change. ATTRIBUTES
See attributes(5) for descriptions of the following attributes: +-----------------------------+-----------------------------+ | ATTRIBUTE TYPE | ATTRIBUTE VALUE | +-----------------------------+-----------------------------+ |MT-Level |Safe | +-----------------------------+-----------------------------+ SEE ALSO
passwd(1), crypt(3C), crypt_genhash_impl(3C), crypt_gensalt(3C), crypt_gensalt_impl(3C), getpassphrase(3C), crypt.conf(4), passwd(4), pol- icy.conf(4), attributes(5) SunOS 5.11 23 Dec 2003 crypt_sunmd5(5)