The Shadow Password Suite contains the chage, chfn, chsh, expiry, faillog, gpasswd, lastlog, login, newgrp, passwd, sg, su, chpasswd, dpasswd, groupadd, groupdel, groupmod, grpck, grpconv, grpunconv, logoutd, mkpasswd, newusers, pwck, pwconv, pwunconv, useradd, userdel, usermod and vipw programs.
chage changes the number of days between password changes and the date of the last password change.
chfn changes user fullname, office number, office extension, and home phone number information for a user's account.
chsh changes the user login shell.
It's currently unknown what this program is for.
faillog formats the contents of the failure log,/var/log/faillog, and maintains failure counts and limits.
gpasswd is used to administer the /etc/group file
lastlog formats and prints the contents of the last login log, /var/log/lastlog. The login-name, port, and last login time will be printed.
login is used to establish a new session with the system.
newgrp is used to change the current group ID during a login session.
passwd changes passwords for user and group accounts.
sg executes command as a different group ID.
Change the effective user id and group id to that of a user. This replaces the su programs that's installed from the Shellutils package.
chpasswd reads a file of user name and password pairs from standard input and uses this information to update a group of existing users.
dpasswd adds, deletes, and updates dialup passwords for user login shells.
The groupadd command creates a new group account using the values specified on the command line and the default values from the system.
The groupdel command modifies the system account files, deleting all entries that refer to group.
The groupmod command modifies the system account files to reflect the changes that are specified on the command line.
grpck verifies the integrity of the system authentication information.
grpunconv converts to shadow group files from normal group files.
grpunconv converts from shadow group files to normal group files.
logoutd enforces the login time and port restrictions specified in /etc/porttime.
mkpasswd reads a file in the format given by the flags and converts it to the corresponding database file format.
newusers reads a file of user name and cleartext password pairs and uses this information to update a group of existing users or to create new users.
pwck verifies the integrity of the system authentication information.
pwconv converts to shadow passwd files from normal passwd files.
pwunconv converts from shadow passwd files to normal files.
useradd creates a new user or update default new user information.
userdel modifies the system account files, deleting all entries that refer to a specified login name.
usermod modifies the system account files to reflect the changes that are specified on the command line.
vipw and vigr will edit the files /etc/passwd and /etc/group, respectively. With the -s flag, they will edit the shadow versions of those files, /etc/shadow and /etc/gshadow, respectively.