Manual Pages
Table of Contents
na_passwd - modify the system administrative user's password
passwd
rsh-only usage:
passwd oldpassword newpassword [ username ]
passwd changes a filer's administrative user's password.
If there are any non-root users on the filer, you will be
prompted for a user's login name.
Next, you will be prompted for the user's current password.
If you have the capability security-passwd-change_others,
(root has this capability), you will automatically
bypass this step.
Finally, you will be prompted for the new password. The
filer imposes no default minimum length or special character
requirement for root or for Administrator, though this
can be changed by setting the option secu_rity.passwd.rules.everyone
to on.
As with any password, it is best to choose a password
unlikely to be guessed by an intruder. All non-root administrative
user's passwords must meet the following setable
restrictions:
- - it should be at least 8 characters long
-
- - it should contain at least two alphabetic characters
-
- - it should contain at least one digit
-
By default, the above criteria are enforced by the filer
when a new password is given. However, there are a few
options which will change the password requirements. secu_rity.passwd.rules.enable
can be used to prevent the
restrictions from being enforced, and there are a series
of other options under security.passwd.rules which specify
requirements. See na_options(1) for additional information.
If the filer is booted from floppy disk, selection "(3)
Change password" enables you to reset the root password
without entering the old password. This is useful for the
forgetful.
The second style of using the passwd command, shown in the
SYNOPSIS above, is only allowed when you execute the password
command using rsh. Since rsh doesn't allow prompting,
all the necessary values must be put on the command-line.
If root is the only user on the system, you do not have to
provide an explicit username as a third argument. In this
case, root is assumed.
Each filer in a cluster can have a different password.
However, in takeover mode, use only the password set on
the live filer to access the consoles of both filers. You
do not need to enter the failed filer's password to execute
commands in partner mode.
Because the password for the failed filer becomes unnecessary
after a takeover, you do not have increased security
by assigning different passwords to the filers in a cluster.
Network Appliance recommends that you use the same
password for both filers.
When run from a vfiler context, (e.g. via the vfiler run
command), passwd operates on the concerned vfiler, and can
only be used to change the password of a user of that
vfiler.
na_partner(1), na_useradmin(1), na_options(1),
na_vfiler(1)
Table of Contents