Add support for the modified SGC key format used in IIS.

[openssl.git] / doc / apps / passwd.pod

diff --git a/doc/apps/passwd.pod b/doc/apps/passwd.pod
index 0df9252981974846dafff9ed0de26b903285796d..cee6a2f172edcdfa71eddd3967ee495adef65d16 100644 (file)
--- a/doc/apps/passwd.pod
+++ b/doc/apps/passwd.pod
@@ -8,17 +8,22 @@ passwd - compute password hashes
 
 B<openssl passwd>
 [B<-crypt>]
-[B<-salt string>]
+[B<-apr1>]
+[B<-salt> I<string>]
+[B<-in> I<file>]
+[B<-stdin>]
 [B<-quiet>]
 [B<-table>]
-{B<password>}
+{I<password>}
 
 =head1 DESCRIPTION
 
-The B<passwd> command computes the hashes of a list of passwords
-passed on the command line, or the hash of a password typed at run-time.
-Currently only the Unix standard algorithm B<crypt>
-is implemented.
+The B<passwd> command computes the hash of a password typed at
+run-time or the hash of each password in a list.  The password list is
+taken from the named file for option B<-in file>, from stdin for
+option B<-stdin>, and from the command line otherwise.
+The Unix standard algorithm B<crypt> and the MD5-based B<apr1> algorithm
+are available.
 
 =head1 OPTIONS
 
@@ -28,13 +33,25 @@ is implemented.
 
 Use the B<crypt> algorithm (default).
 
-=item B<-salt string>
+=item B<-apr1>
+
+Use the B<apr1> algorithm.
+
+=item B<-salt> I<string>
 
 Use the specified salt.
 
+=item B<-in> I<file>
+
+Read passwords from I<file>.
+
+=item B<-stdin>
+
+Read passwords from B<stdin>.
+
 =item B<-quiet>
 
-Don't output warnings when passwords are truncated.
+Don't output warnings when passwords given at the command line are truncated.
 
 =item B<-table>
 
@@ -43,8 +60,10 @@ to each password hash.
 
 =back
 
-=head1 EXAMPLE
+=head1 EXAMPLES
+
+B<openssl passwd -crypt -salt xx password> prints B<xxj31ZMTZzkVA>.
 
-B<openssl passwd -salt xx password> prints B<xxj31ZMTZzkVA>.
+B<openssl passwd -apr1 -salt xxxxxxxx password> prints B<$apr1$xxxxxxxx$dxHfLAsjHkDRmG83UXe8K0>.
 
 =cut