  • /etc/passwd
    • file that stores user account information
    • is world readable
  • /etc/shadow
    • file that stores the encrypted passwords
    • only root account can read it

/etc/passwd

The /etc/passwd file contains ':'-delimited entries, one per line, each containing the following information:
marcuschiu:x:1000:1000:marcuschiu,room-number,work-phone,home-phone,other:/home/marcuschiu:/bin/bash

  • username
  • encrypted password (replaced with ‘x’, since encrypted passwords are stored in the /etc/shadow file)
  • user ID number (UID)
  • user’s group ID number (GID)
  • GECOS field is a comma-delimited list with this order:
    1. user’s full name (or application name, if the account is for a program)
    2. building and room number or contact person
    3. office telephone number
    4. home telephone number
    5. any other contact information (pager number, fax, external e-mail address, etc.)
  • user home directory
  • default login shell - for other ways to set it see /etc/passwd - /etc/shadow

/etc/shadow

The /etc/shadow file contains ':'-delimited entries, one per line, each containing the following information:
e:$6$zWJiqc5G$MP7dTXaYfEcTFRXZUv.VypwS7tQVlihjQlDbDxpDideQ641PhM0E49hf5kxw33qCz6bCCIN4JHkyRcur/AEwX/:18216:0:99999:7:::

  1. Username : It is your login name.
  2. Password : It is your encrypted password. The password should be a minimum of 8-12 characters long, including special characters, digits, lower case letters and more. The usual password format is $id$salt$hashed, where $id is the algorithm used. On GNU/Linux the ids are as follows:
    1. $1$ is MD5
    2. $2a$ is Blowfish
    3. $2y$ is Blowfish
    4. $5$ is SHA-256
    5. $6$ is SHA-512
  3. Last password change (lastchanged) : Days since Jan 1, 1970 that the password was last changed
  4. Minimum : The minimum number of days required between password changes, i.e. the number of days left before the user is allowed to change his/her password
  5. Maximum : The maximum number of days the password is valid (after that the user is forced to change his/her password)
  6. Warn : The number of days before the password is to expire that the user is warned that his/her password must be changed
  7. Inactive : The number of days after the password expires that the account is disabled
  8. Expire : Days since Jan 1, 1970 that the account is disabled, i.e. an absolute date specifying when the login may no longer be used.
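
The field layouts above, as an added example (not part of the original notes): a small Python parser that splits the two sample entries from this page, decodes the plain $id$salt$hashed layout and converts the day counts into dates. The function and key names are assumptions chosen for illustration, and the reserved ninth field of a shadow line (always empty in practice) is not listed above.

```python
from datetime import date, timedelta

EPOCH = date(1970, 1, 1)
# $id$ prefixes as listed on this page
HASH_IDS = {"1": "MD5", "2a": "Blowfish", "2y": "Blowfish",
            "5": "SHA-256", "6": "SHA-512"}

def parse_passwd(line):
    """Split one /etc/passwd line into its seven ':'-delimited fields."""
    name, pw, uid, gid, gecos, home, shell = line.rstrip("\n").split(":")
    return {"username": name, "password": pw, "uid": int(uid),
            "gid": int(gid), "gecos": gecos.split(","),
            "home": home, "shell": shell}

def _days(field):
    """Numeric shadow fields may be empty, meaning 'not set'."""
    return int(field) if field else None

def _as_date(days):
    return EPOCH + timedelta(days=days) if days is not None else None

def parse_shadow(line):
    """Split one /etc/shadow line: the 8 fields above plus a reserved 9th."""
    f = line.rstrip("\n").split(":")
    if len(f) != 9:
        raise ValueError("expected 9 fields, got %d" % len(f))
    # Only the plain "$id$salt$hashed" layout is decoded; anything else
    # (locked accounts, extra parameters) yields algorithm=None.
    parts = f[1].split("$")
    simple = len(parts) == 4 and parts[0] == ""
    changed, maximum = _days(f[2]), _days(f[4])
    return {
        "username": f[0],
        "algorithm": HASH_IDS.get(parts[1], "unknown") if simple else None,
        "salt": parts[2] if simple else None,
        "last_changed": _as_date(changed),
        "min_days": _days(f[3]), "max_days": maximum,
        "warn_days": _days(f[5]), "inactive_days": _days(f[6]),
        "password_expires": _as_date(changed + maximum)
                            if None not in (changed, maximum) else None,
        "account_expires": _as_date(_days(f[7])),
    }

# The two sample entries shown on this page
PASSWD = ("marcuschiu:x:1000:1000:marcuschiu,room-number,work-phone,"
          "home-phone,other:/home/marcuschiu:/bin/bash")
SHADOW = ("e:$6$zWJiqc5G$MP7dTXaYfEcTFRXZUv.VypwS7tQVlihjQlDbDxpDideQ641PhM0E"
          "49hf5kxw33qCz6bCCIN4JHkyRcur/AEwX/:18216:0:99999:7:::")
if __name__ == "__main__":
    print(parse_passwd(PASSWD), parse_shadow(SHADOW), sep="\n")
```

For the sample shadow entry, the lastchanged value 18216 decodes to 2019-11-16, and the empty Inactive and Expire fields come back as None.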