diff options
Diffstat (limited to 'man/zh_CN/man1/passwd.1')
-rw-r--r-- | man/zh_CN/man1/passwd.1 | 145 |
1 files changed, 79 insertions, 66 deletions
diff --git a/man/zh_CN/man1/passwd.1 b/man/zh_CN/man1/passwd.1 index 0742a7b2..16bc7e0e 100644 --- a/man/zh_CN/man1/passwd.1 +++ b/man/zh_CN/man1/passwd.1 @@ -2,12 +2,12 @@ .\" Title: passwd .\" Author: Julianne Frances Haugh .\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/> -.\" Date: 2019-06-13 +.\" Date: 2019-12-01 .\" Manual: 用户命令 -.\" Source: shadow-utils 4.7 +.\" Source: shadow-utils 4.8 .\" Language: Chinese Simplified .\" -.TH "PASSWD" "1" "2019-06-13" "shadow\-utils 4\&.7" "用户命令" +.TH "PASSWD" "1" "2019-12-01" "shadow\-utils 4\&.8" "用户命令" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- @@ -34,15 +34,18 @@ passwd \- 更改用户密码 \fBpasswd\fR [\fI选项\fR] [\fI登录\fR] .SH "描述" .PP +The \fBpasswd\fR -命令用来更改用户账户的密码。普通用户通常只更改其自己账户的密码,而超级用户可以更改任何账户的密码。\fBpasswd\fR -也更改账户或相关的密码有效期。 +command changes passwords for user accounts\&. A normal user may only change the password for their own account, while the superuser may change the password for any account\&. +\fBpasswd\fR +also changes the account or associated password validity period\&. .SS "密码更改" .PP 如果有旧密码,首先提示用户输入旧密码。加密这个密码然后和存储的密码进行比较。用户只有一次机会输入正确密码。允许超级用户略过这个步骤,以便更改忘记了的密码。 .PP -输入了密码之后,会检查密码年龄信息,以查看此时是否允许用户更改密码。如果不允许,\fBpasswd\fR -拒绝更改密码,然后退出。 +After the password has been entered, password aging information is checked to see if the user is permitted to change the password at this time\&. If not, +\fBpasswd\fR +refuses to change the password and exits\&. .PP 提示用户输入两次新密码。第二次和第一次进行比较,并且需要相同才能更改密码。 .PP @@ -81,28 +84,30 @@ passwd \- 更改用户密码 标点符号 .RE .PP -必须要留意不能包含系统默认的擦除和杀死字符。\fBpasswd\fR -会拒绝复杂度不满足要求的密码。 +Care must be taken not to include the system default erase or kill characters\&. +\fBpasswd\fR +will reject any password which is not suitably complex\&. .SS "关于用户密码的提示" .PP -密码的安全性依赖于加密算法的强度和密钥空间的大小。旧的 +The security of a password depends upon the strength of the encryption algorithm and the size of the key space\&. The legacy \fIUNIX\fR -系统加密算法基于 NBS DES 算法。推荐使用更新的算法(查看 -\fBENCRYPT_METHOD\fR)。密钥空间的大小依赖于选择的密码的随机性。 +System encryption method is based on the NBS DES algorithm\&. More recent methods are now recommended (see +\fBENCRYPT_METHOD\fR)\&. The size of the key space depends upon the randomness of the password which is selected\&. .PP 由于粗心地或处理选择密码,会危及密码的安全。由于这个原因,您不应该选择出现在词典中或者必须要写下来才能记住的密码。密码也不应该是一个名字、许可证号、生日或者街道号。所有这些可以用于猜测来损害系统安全。 .PP You can find advice on how to choose a strong password on http://en\&.wikipedia\&.org/wiki/Password_strength .SH "选项" .PP +The options which apply to the \fBpasswd\fR -命令可以接受的选项有: +command are: .PP \fB\-a\fR, \fB\-\-all\fR .RS 4 -此选项只能和 +This option can be used only with \fB\-S\fR -一起使用,来显示所有用户的状态。 +and causes show status for all users\&. .RE .PP \fB\-d\fR, \fB\-\-delete\fR @@ -122,9 +127,9 @@ You can find advice on how to choose a strong password on http://en\&.wikipedia\ .PP \fB\-i\fR, \fB\-\-inactive\fR\ \&\fIINACTIVE\fR .RS 4 -此选项用于在密码过期一定天数之后禁用账户。一个用户账户密码已经过期 +This option is used to disable an account after the password has been expired for a number of days\&. After a user account has had an expired password for \fIINACTIVE\fR -天之后,用户将不能再登录进账户。 +days, the user may no longer sign on to the account\&. .RE .PP \fB\-k\fR, \fB\-\-keep\-tokens\fR @@ -136,17 +141,17 @@ You can find advice on how to choose a strong password on http://en\&.wikipedia\ .RS 4 锁定指定账户的密码。此选项通过将密码更改为一个不可能与加密值匹配的值来禁用(它在密码开头添加一个\(lq!\(rq)。 .sp -注意,这并没有禁用此账户。用户仍然可以通过其它认证方式(如 SSH 密码)来登录。要禁用此账户,管理员需要使用 +Note that this does not disable the account\&. The user may still be able to login using another authentication token (e\&.g\&. an SSH key)\&. To disable the account, administrators should use \fBusermod \-\-expiredate 1\fR -(设置账户的过期时间为1970年1月2日)。 +(this set the account\*(Aqs expire date to Jan 2, 1970)\&. .sp 被锁定了密码的用户不允许更改密码。 .RE .PP \fB\-n\fR, \fB\-\-mindays\fR\ \&\fIMIN_DAYS\fR .RS 4 -在密码更改之间的最小天数设置为 -\fIMIN_DAYS\fR。此字段中的 0 值表示用户可以在任何时间更改其密码。 +Set the minimum number of days between password changes to +\fIMIN_DAYS\fR\&. A value of zero for this field indicates that the user may change their password at any time\&. .RE .PP \fB\-q\fR, \fB\-\-quiet\fR @@ -156,9 +161,9 @@ You can find advice on how to choose a strong password on http://en\&.wikipedia\ .PP \fB\-r\fR, \fB\-\-repository\fR\ \&\fIREPOSITORY\fR .RS 4 -在 +change password in \fIREPOSITORY\fR -中更改密码 +repository .RE .PP \fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR @@ -177,26 +182,28 @@ directory\&. .PP \fB\-u\fR, \fB\-\-unlock\fR .RS 4 -解锁指定用户的密码。此操作通过将密码改回先前值(改回使用 +Unlock the password of the named account\&. This option re\-enables a password by changing the password back to its previous value (to the value before using the \fB\-l\fR -之前的值)重新启用密码。 +option)\&. .RE .PP \fB\-w\fR, \fB\-\-warndays\fR\ \&\fIWARN_DAYS\fR .RS 4 -设置在要求更改密码之前警告的天数。\fIWARN_DAYS\fR -选项是在密码过期之前提前警告的天数。 +Set the number of days of warning before a password change is required\&. The +\fIWARN_DAYS\fR +option is the number of days prior to the password expiring that a user will be warned that their password is about to expire\&. .RE .PP \fB\-x\fR, \fB\-\-maxdays\fR\ \&\fIMAX_DAYS\fR .RS 4 -设置密码仍然有效的最大天数。\fIMAX_DAYS\fR -之后,密码会要求更改。 +Set the maximum number of days a password remains valid\&. After +\fIMAX_DAYS\fR, the password is required to be changed\&. .sp -\fIMAX_DAYS\fR -设置为 +Passing the number \fI\-1\fR -会移除密码有效性检查。 +as +\fIMAX_DAYS\fR +will remove checking a password\*(Aqs validity\&. .RE .SH "CAVEATS" .PP @@ -205,36 +212,38 @@ directory\&. 在启动了 NIS 的系统上,如果没有登录 NIS 服务器,用户或许不能更改自己的密码。 .SH "配置文件" .PP -在 +The following configuration variables in /etc/login\&.defs -中有如下配置变量,可以用来更改此工具的行为: +change the behavior of this tool: .PP \fBENCRYPT_METHOD\fR (string) .RS 4 这定义了系统加密密码的默认算法(如果没有在命令行上指定算法)。 .sp -可以使用如下值:\fIDES\fR +It can take one of these values: +\fIDES\fR (default), \fIMD5\fR, \fISHA256\fR, \fISHA512\fR\&. .sp -注意,此参数会覆盖 +Note: this parameter overrides the \fBMD5_CRYPT_ENAB\fR -变量。 +variable\&. .RE .PP \fBMD5_CRYPT_ENAB\fR (boolean) .RS 4 -表示密码是否必须使用基于 MD5 的算法加密。如果设为 -\fIyes\fR,新密码将使用可以和新版 FreeBSD 兼容的基于 MD5 的算法加密。它支持无限长度的密码以及更长的盐字符串。如果您需要将加密的密码复制到其它不理解新算法的系统,设置为 -\fIno\fR。默认值是 -\fIno\fR。 +Indicate if passwords must be encrypted using the MD5\-based algorithm\&. If set to +\fIyes\fR, new passwords will be encrypted using the MD5\-based algorithm compatible with the one used by recent releases of FreeBSD\&. It supports passwords of unlimited length and longer salt strings\&. Set to +\fIno\fR +if you need to copy encrypted passwords to other systems which don\*(Aqt understand the new algorithm\&. Default is +\fIno\fR\&. .sp This variable is superseded by the \fBENCRYPT_METHOD\fR variable or by any command line option used to configure the encryption algorithm\&. .sp -此变量已经废弃。您应该使用 -\fBENCRYPT_METHOD\fR。 +This variable is deprecated\&. You should use +\fBENCRYPT_METHOD\fR\&. .RE .PP \fBOBSCURE_CHECKS_ENAB\fR (boolean) @@ -254,21 +263,22 @@ variable or by any command line option used to configure the encryption algorith .PP \fBPASS_MAX_LEN\fR (number), \fBPASS_MIN_LEN\fR (number) .RS 4 -crypt() 的有效字符位数。\fBPASS_MAX_LEN\fR -默认是 8,除非您自己的 crypt() 更好,否则不要更改。如果 +Number of significant characters in the password for crypt()\&. +\fBPASS_MAX_LEN\fR +is 8 by default\&. Don\*(Aqt change unless your crypt() is better\&. This is ignored if \fBMD5_CRYPT_ENAB\fR -设为 -\fIyes\fR,会被忽略。 +set to +\fIyes\fR\&. .RE .PP \fBSHA_CRYPT_MIN_ROUNDS\fR (number), \fBSHA_CRYPT_MAX_ROUNDS\fR (number) .RS 4 +When \fBENCRYPT_METHOD\fR -设为 +is set to \fISHA256\fR -或 -\fISHA512\fR -时,此项确定加密算法默认使用 SHA 轮转数目(当轮转数没有通过命令行指定时)。 +or +\fISHA512\fR, this defines the number of SHA rounds used by the encryption algorithm by default (when the number of rounds is not specified on the command line)\&. .sp 使用很多轮转,会让暴力破解更加困难。但是需要注意,认证用户时也会需要更多的 CPU 资源。 .sp @@ -276,16 +286,16 @@ crypt() 的有效字符位数。\fBPASS_MAX_LEN\fR .sp 值必须在 1000 \- 999,999,999 之间。 .sp -如果只设置了一个 +If only one of the \fBSHA_CRYPT_MIN_ROUNDS\fR -或 +or \fBSHA_CRYPT_MAX_ROUNDS\fR -值,就会使用这个值。 +values is set, then this value will be used\&. .sp -如果 +If \fBSHA_CRYPT_MIN_ROUNDS\fR > -\fBSHA_CRYPT_MAX_ROUNDS\fR,将会使用大的那个。 +\fBSHA_CRYPT_MAX_ROUNDS\fR, the highest value will be used\&. .RE .SH "文件" .PP @@ -305,48 +315,51 @@ Shadow 密码套件配置。 .RE .SH "退出值" .PP +The \fBpasswd\fR -命令退出,并返回如下值: +command exits with the following values: .PP \fI0\fR .RS 4 -成功 +success .RE .PP \fI1\fR .RS 4 -权限不够 +permission denied .RE .PP \fI2\fR .RS 4 -无效的选项组合 +invalid combination of options .RE .PP \fI3\fR .RS 4 -意外的失败,什么也没有做。 +unexpected failure, nothing done .RE .PP \fI4\fR .RS 4 -意外的失败,passwd -文件丢失 +unexpected failure, +passwd +file missing .RE .PP \fI5\fR .RS 4 passwd -文件忙,请重试 +file busy, try again .RE .PP \fI6\fR .RS 4 -给了选项一个无效的参数 +invalid argument to option .RE .SH "参见" .PP \fBchpasswd\fR(8), \fBpasswd\fR(5), \fBshadow\fR(5), -\fBlogin.defs\fR(5),\fBusermod\fR(8)\&. +\fBlogin.defs\fR(5), +\fBusermod\fR(8)\&. |