pam-dotfile-gen(1) change password for libpam-dotfile


pam-dotfile-gen >> ~/.pam-service

pam-dotfile-gen -a service


pam-dotfile-gen is a utility to create a password for a particular service, if your system administrator has set up authenication for that service with libpam-dotfile.

To create or change your password, just enter pam-dotfile-gen -a <service> and you will be prompted for the password. The password will be written to ~/.pam-<service> in a hashed format. To add another password to the same service repeat the command.

If called without any argument the tool will act as filter. Unencrypted passwords are read from STDIN, are crypted and written to STDOUT. The passwords are separated by newlines. Empty lines and lines beginning with # are ignored and written in an untouched way to STDOUT.

The file format of the ~/.pam is rather simple. Every non-empty line which does not begin with # is compared with the hashed password to be checked. This allows you to specify free form comments for each password with a simple text editor.


-a service

Instead of acting as a filter read a single password from the user and add it to the .pam-file for the specified service.


 Enable compatibility with pam_dotfile older than 0.6. Passwords hashed with this enabled are created in a form compatible with older release. You shouldn't use this.


Show a terse usage summary.


pam-dotfile was written by Lennart Poettering <mzcnzqbgsvyr (at) 0pointer (dot) de>. pam-dotfile is available at


This man page was written using xmltoman (1) by Oliver Kurth.