Live as if you were to die tomorrow. Learn as if you were to live forever.

Sunday 8 February 2015

Information about /etc/shadow file in Linux/Unix

The /etc/shadow file stores each user's password in encrypted format, together with information about that password.

Note that the /etc/passwd file contains information about the user, while the /etc/shadow file contains information about the user's password.

Each entry in this file contains the username, the user's password in encrypted format, the date of the last password change, and so on.

The /etc/shadow file contains the information as shown below:

[root@SOC01 ~]# cat /etc/shadow
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:*:14789:0:99999:7:::
sync:*:14789:0:99999:7:::
shutdown:*:14789:0:99999:7:::
halt:*:14789:0:99999:7:::
mail:*:14789:0:99999:7:::
uucp:*:14789:0:99999:7:::
operator:*:14789:0:99999:7:::
games:*:14789:0:99999:7:::
gopher:*:14789:0:99999:7:::
ftp:*:14789:0:99999:7:::
nobody:*:14789:0:99999:7:::
usbmuxd:!!:15582::::::
shashank:$6$8ExtOSsV$fMEDgsIA5dIyFE56cbBfLkePl.udw7LDMY68jj912VqAwvz/gs7h3rU1s6Y
ldap:!!:15654:0:99999:7:::
ldapuser:$6$P/kWJv9S$v3XhBrO9nSf9Cu05yW4QmfA7s26mSuMHyGRg05f5Bp.MReKjnzFlqLIf3pp

This file contains 8 fields separated by colons (:):

1st field: The username
2nd field: The password in encrypted format
3rd field: The date of the last password change, counted in days since 1 Jan 1970
4th field: The minimum number of days that must pass before the password can be changed
5th field: The maximum number of days before the password must be changed
6th field: The number of days before the password expires during which the user is warned and asked to change the password
7th field: The number of days after the password expires after which the account is disabled
8th field: The date on which the user account is disabled and can no longer be used

The chage command is used to modify the fields in the /etc/shadow file.

!! in the second field means that the password was never set.
! as the first character of the second field means that the account is locked.
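
The field layout and the ! / !! markers described above can be checked with a small parser. This is an added example, not part of the original post; the alice and bob entries are constructed sample data, and the treatment of *, of an empty password field and of 99999 as "never expires" follows common Linux convention rather than anything stated on this page.

```python
from datetime import date, timedelta

EPOCH = date(1970, 1, 1)
# crypt(3) prefixes; only $6$ appears on the page, the rest are other common ones.
SCHEMES = {"$1$": "MD5", "$5$": "SHA-256", "$6$": "SHA-512", "$y$": "yescrypt"}

def days_to_date(field):
    """Convert a days-since-1-Jan-1970 field to a date; an empty field means 'not set'."""
    return EPOCH + timedelta(days=int(field)) if field else None

def password_status(pw):
    """Classify the 2nd field using the markers described above."""
    if pw == "!!":
        return "never set"
    if pw.startswith("!"):
        return "locked"
    if pw == "*":
        return "no password login"
    if pw == "":
        return "empty password"
    for prefix, name in SCHEMES.items():
        if pw.startswith(prefix):
            return name + " hash"
    return "unknown format"

def parse_shadow_line(line):
    """Split one entry into the 8 fields listed above; a trailing reserved field is ignored."""
    f = (line.strip().split(":") + [""] * 8)[:8]
    changed = days_to_date(f[2])
    max_days = int(f[4]) if f[4] else None
    # Expiry = last change + maximum age; 99999 is the conventional "never expires" value.
    expires = None
    if changed and max_days is not None and max_days != 99999:
        expires = changed + timedelta(days=max_days)
    return {"user": f[0], "status": password_status(f[1]), "last_change": changed,
            "min_days": f[3], "max_days": max_days, "warn_days": f[5],
            "inactive_days": f[6], "account_expires": days_to_date(f[7]),
            "password_expires": expires}

SAMPLE = [
    "lp:*:14789:0:99999:7:::",        # from the listing above
    "usbmuxd:!!:15582::::::",         # from the listing above
    "alice:$6$CONSTRUCTEDSALT$CONSTRUCTEDHASH:16474:0:90:7:30::",   # constructed
    "bob:!$6$CONSTRUCTEDSALT$CONSTRUCTEDHASH:16474:0:90:7:30::",    # constructed, locked
]

if __name__ == "__main__":
    for e in map(parse_shadow_line, SAMPLE):
        print(e["user"], e["status"], e["last_change"], e["password_expires"], sep="\t")
```

Reading the real /etc/shadow requires root; for an audit, work on a copy and flag entries whose status is "empty password" or whose hash scheme is weaker than the one your policy requires.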
