Brief description of the file Linux / Unix /etc/shadow

There are many authentication schemes that can be used on Linux systems. The standard and most commonly used schemes are for validating /etc/passwdand /etc/shadow.

/etc/shadow It is a text file that contains information about a system user’s password. The /etc/shadow file belongs to the root and shadow group and has 640 permissions.

Coordinate /etc/shadow

Files /etc/shadow It contains one entry per line, each representing a user account. You can view the contents of the file using a text editor or other commands such as commands cat:

sudo cat /etc/shadow

Typically, the first line represents root user, followed by system and regular user accounts. New entries are added at the end of the file.

Every line of files /etc/shadow It contains nine comma-separated fields:

[--] [----] [---] - [---] ----
|      |      |   |   |   |||+-----------> 9. This field ignored
|      |      |   |   |   ||+------------> 8. Expiration date
|      |      |   |   |   |+-------------> 7. Inactivity Period
|      |      |   |   |   +--------------> 6. Warning period
|      |      |   |   +------------------> 5. Maximum Password Age
|      |      |   +----------------------> 4. Minimum Password Age
|      |      +--------------------------> 3. Last password changed
|      +---------------------------------> 2. Encrypted Password
+----------------------------------------> 1. Username
  1. user name. The string that you write when logging into the system. Or user accounts on the system.
  2. Encrypted password. Password that uses a file $type$salt$hashed. $ type is a cryptographic hash algorithm method and can contain the following values:
    • $1$ MD5
    • $2a$ Blowfish
    • $2y$ – Eksblowfish
    • $5$ SHA-256
    • $6$ SHA-512

    If the password field contains an asterisk (*) Or exclamation mark (!), Users will not be able to log into the system with password authentication. Other sign-in methods like key-based authentication or switching to another user are still allowed.

    On older Linux systems, encrypted user passwords were stored in a file /etc/passwd.

  3. Last password change. This is the date that the password was last changed. The number of days was counted from January 1, 1970.
  4. Minimum password age. The number of days that must pass before a user’s password can be changed. It is usually set to zero, which means there is no minimum age for passwords.
  5. Maximum password age. The number of days after which a user’s password must be changed. By default, this number is set to 99999.
  6. The period of notice. The number of days before the password expires and the user is warned that it must be changed.
  7. Period of inactivity. The number of days after a user’s password expires before a user’s account is deactivated. Usually this field is empty.
  8. Expiration date. The date on which the account was deactivated. It is represented as a date in the era-date format.
  9. Not used or ignore it. This is reserved for future use.

Files /etc/shadow It shouldn’t be manually edited unless you know what you’re doing. Always use commands designed for this purpose.

For example, to change a user’s password, use the command passwd, And to change the password length, use the command chage.

Examples of entries and formats /etc/shadow

Let’s look at an example:

linuxid: $6$zHvrHYa5Y690dseQ$z5zdL...:18009:0:120:7:14::

The above entry contains information about the “linuxid” user’s password:

  • Passwords are encrypted with SHA-512 (the password is cut to make it easier to read).
  • The password was last changed on April 23, 2019 – 18009.
  • There is no minimum password age (0).
  • Passwords must be changed at least every time 120 day.
  • The user will receive a warning message Seven Days before the password expires.
  • If the user does not try to log into the system 14 Days after the password expires, the account will be deactivated.
  • There is no expiration date for the account.


Files /etc/shadow It stores encrypted user password information, along with other password related information.


Source link

Originally posted 2020-11-18 05:11:02.

See also  Git behind office proxy