Skip to main content

Understanding the /etc/shadow File : information about the system’s users’ passwords : [Beginners Guide]




There are several different authentication schemes that can be used on Linux systems. The most commonly used and standard scheme is to perform authentication against the /etc/passwd and /etc/shadow files.

/etc/shadow is a text file that contains information about the system’s users’ passwords. It is owned by user root and group shadow, and has 640 permissions.

/etc/shadow Format
 
The /etc/shadow file contains one entry per line, each representing a user account. You can view the contents of the file, with a text editor or a command such as cat:
sudo cat /etc/shadow
Typically, the first line describes the root user, followed by the system and normal user accounts. New entries are appended at the end of the file.

Each line of the /etc/shadow file contains nine comma-separated fields:







01. Username. The string you type when you log into the system. The user account that exist on the system.

02. Encrypted Password. The password is using the $type$salt$hashed format. $type is the method cryptographic hash algorithm and can have the following values:

$1$ – MD5
$2a$ – Blowfish
$2y$ – Eksblowfish
$5$ – SHA-256
$6$ – SHA-512

If the password field contains an asterisk (*) or exclamation point (!), the user will not be able to login to the system using password authentication. Other login methods like key-based authentication or switching to the user are still allowed.

In older Linux systems, the user’s encrypted password was stored in the /etc/passwd file.

03. Last password change. This is the date when the password was last changed. The umber of days is counted since January 1, 1970 (epoch date).

04. Minimum password age. The number of days that must pass before the user password can be changed. Typically it is set to zero, which means that there is no minimum password age.

05. Maximum password age. The number of days after the user password must be changed. By default, this number is set to 99999.

06. Warning period. The number of days before the password expires during which the user is warned that the password must be changed.

07. Inactivity period. The number of days after the user password expires before the user account is disabled. Typically this field is empty.

08. Expiration date. The date when the account was disabled. It is represented as an epoch date.

09. Unused. This field is ignored. It is reserved for future use.

The /etc/shadow file should not be edited by hand unless you know what you are doing. Always use a command that is designed for the purpose. For example, to change a user password, use the passwd command, and to change the password aging information, use the chage command.

Example Entry
 
Let’s take a look at the following example:
linuxize:$6$zHvrJMa5Y690smbQ$z5zdL...:18009:0:120:7:14::

  • The entry above contains information about the user “linuxize” password:
  • The password is encrypted with SHA-512 (the password is truncated for better readability).
  • The password was last changed on April 23, 2019 - 18009.
  • There is no minimum password age.
  • The password must be changed at least every 120 days.
  • The user will receive a warning message seven days before the password expiration date.

  • If the user doesn’t attempt to login to the system 14 days after the password is expired, the account will be disabled.
  • There is no account expiration date.
  • Conclusion
  • The /etc/shadow file keeps records about encrypted users’ passwords, as well as other passwords related information.

Labels:

Comments

Post a Comment

Popular posts from this blog

Apt-fast for Increasing Download Speed while Installing and Updating Packages Ubuntu/Debian [Beginners Guide]

Have you ever experienced slow download speed when downloading or updating packages in Ubuntu even when your network connection is running fine? You encounter this issue especially when updating and installing packages for the first time after installing a new Ubuntu/Debian OS. However, there is a way to get around this by speeding up the download speed using apt-fast command in Linux. Apt-fast is a shell script wrapper for “apt-get” and “aptitude” that uses the power of either  axel  or  aria 2  download managers to accelerate the download process. It improves download performance by downloading packages simultaneously in parallel with multiple packages per connection. In this article, we will walk through some steps to install apt-fast in order to accelerate the update and downloading process in Ubuntu. We will use Ubuntu 18.04 LTS for describing the procedure mentioned in this article.   Step 1: Installing prerequisites We need to install...
Post a Comment
Read more

What is a CDN ? How Does a content delivery network Work?

I ntroduction. Latest Web sites and applications often need to provide   amount of static content to end users. This content includes images, style sheets, JavaScript, and video. The increase in the number of static assets and the increase grows the bandwidth usage increases page load time decreased, depending on the size of the user's search experience, and reduce the usable capacity of the server. Dramatically improving performance, reducing the page load time   reduce the bandwidth and infrastructure costs, you can implement a content delivery network,  And  CDN cache these assets at a set of servers that are geographically distributed. What is a CDN? Content delivery network is a group of servers distributed geographically optimized to provide static content to end users. While this static content can be almost any type of data, CDNs are most commonly used to deliver web pages and related files, streaming video and audio, and large softwar...
Post a Comment
Read more

How To Install PHP 7.4 and PHP 7.3 ON Ubuntu 18.04/19.04/16.04

How to Install PHP 7.4 / PHP 7.3 on Ubuntu?. This guide will help you Install PHP 7.4 / PHP 7.3 on Ubuntu 18 / Ubuntu 16 /  Ubuntu 19 . PHP is an open-source server-side scripting language which has been widely adopted for the creation of dynamic web pages. PHP is secure, fast, simple, efficient, flexible and a loosely typed scripting language. The PHP release 7.4.0 has been made available for the general public and for use in Production environments. How to install PHP 7.4 on Ubuntu 18.04 / Ubuntu 19.04 / Ubuntu 16.04 Step 1: Add PHP 7.4 PPA Repository We’ll add ppa:ondrej/php PPA repository which has the latest build packages of PHP. sudo apt-get update sudo apt -y install software-properties-common sudo add-apt-repository ppa:ondrej/php sudo apt-get update Step 2: Install PHP 7.4 on Ubuntu 18/ Ubuntu 19/ Ubuntu 16 Install PHP 7.4 on Ubuntu 18.04/19.04/16.04 using the command: sudo apt -y install php7.4 Check version inst...
Post a Comment
Read more