etc_shadow


/etc/shadow

  • Definition: The /etc/shadow file is a system file on Unix-like operating systems that contains hashed password information and related account data for user accounts.
  • Function: Stores user passwords as hashes rather than in plaintext, along with additional password-related account data.
  • Components: Each line in the /etc/shadow file represents a user account and consists of several fields separated by colons:
     1. **Username**: The user’s login name.
     2. **Encrypted Password**: The password hash (the field is traditionally called the encrypted password, although the value is hashed rather than reversibly encrypted). If the password is locked, this field may contain an exclamation mark (`!`) or an asterisk (`*`).
     3. **Last Password Change**: The date the password was last changed, expressed as the number of days since January 1, 1970.
     4. **Minimum Password Age**: The minimum number of days required between password changes.
     5. **Maximum Password Age**: The maximum number of days a password is valid before it must be changed.
     6. **Password Warning Period**: The number of days before password expiration that the user is warned.
     7. **Password Inactivity Period**: The number of days after password expiration after which the account is disabled.
     8. **Account Expiration Date**: The date on which the account will be disabled, expressed as the number of days since January 1, 1970.
     9. **Reserved Field**: Currently unused, reserved for future use.
  • Features:
     * Stores passwords as hashes, reducing the risk of password exposure.
     * Contains additional account management information for enforcing password policies.
     * Accessible only by the root user for enhanced security.
  • Usage: Essential for secure user authentication and enforcing password policies in Unix-like operating systems.

Examples

  • Sample entry in /etc/shadow:
     ```plaintext
     john:$6$saltsalt$E4.CFJbEhKNdTPaOvzlZnX8nYkI4RCsKJz7wFzx7F9ZK4.DtJ3u4/u/4fQpOH/:18000:0:99999:7:::
     ```

     * **john**: Username
     * **$6$saltsalt$E4.CFJbEhKNdTPaOvzlZnX8nYkI4RCsKJz7wFzx7F9ZK4.DtJ3u4/u/4fQpOH/**: Password hash
     * **18000**: Last password change (days since Jan 1, 1970)
     * **0**: Minimum password age (days)
     * **99999**: Maximum password age (days)
     * **7**: Password warning period (days)
     * **:::**: The last three fields (password inactivity period, account expiration date, reserved field) are empty

  • Viewing the /etc/shadow file (root access required):
     ```bash
     sudo cat /etc/shadow
     ```
  • Changing a user's password (modifies /etc/shadow):
     ```bash
     sudo passwd john
     ```
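
As an added example (not part of the original page), the following Python code parses entries in the nine-field format described above and reports the lock state, the hash scheme, and the dates encoded as days since January 1, 1970. The scheme-id table and the two extra sample lines are assumptions constructed for illustration; the first sample line is the page's own entry.

```python
from datetime import date, timedelta

FIELDS = ("user", "hash", "last_change", "min_age", "max_age",
          "warn", "inactive", "expire", "reserved")
# crypt(3) scheme ids (the text between the first two '$'); not listed on the page.
SCHEMES = {"1": "md5", "5": "sha256", "6": "sha512", "y": "yescrypt",
           "2a": "bcrypt", "2b": "bcrypt"}
WEAK = {"md5", "des"}  # schemes this audit flags as outdated

def days_to_date(days):
    """Convert a days-since-1970-01-01 field to a date; empty field -> None."""
    return date(1970, 1, 1) + timedelta(days=int(days)) if days else None

def parse_line(line):
    """Split one shadow entry into its nine named fields."""
    parts = line.rstrip("\n").split(":")
    if len(parts) != 9:
        raise ValueError(f"expected 9 fields, got {len(parts)}")
    return dict(zip(FIELDS, parts))

def audit(line):
    """Summarise one entry: lock state, hash scheme, and decoded dates."""
    rec = parse_line(line)
    h = rec["hash"]
    if h == "":
        status, scheme = "no-password", None      # empty field: no password set
    elif h[0] in "!*":
        status, scheme = "locked", None           # password login disabled
    else:
        status = "active"
        # No '$' prefix means the traditional DES-based crypt format.
        scheme = SCHEMES.get(h.split("$")[1], "unknown") if h.startswith("$") else "des"
    changed = days_to_date(rec["last_change"])
    expires = None
    if changed and rec["max_age"]:
        expires = changed + timedelta(days=int(rec["max_age"]))
    return {"user": rec["user"], "status": status, "scheme": scheme,
            "weak_hash": scheme in WEAK, "changed": changed,
            "password_expires": expires,
            "account_expires": days_to_date(rec["expire"])}

# The page's sample entry plus two constructed lines (locked account, MD5 hash).
SAMPLE = [
    "john:$6$saltsalt$E4.CFJbEhKNdTPaOvzlZnX8nYkI4RCsKJz7wFzx7F9ZK4.DtJ3u4/u/4fQpOH/:18000:0:99999:7:::",
    "svc:!:18000:0:90:7:::",
    "legacy:$1$constructed$constructedhashvalue:18000:0:90:7:30:18500:",
]

if __name__ == "__main__":
    for entry in SAMPLE:
        print(audit(entry))
```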

Summary

  • /etc/shadow: A system file on Unix-like operating systems that stores hashed user passwords and additional account management information, accessible only by the root user for enhanced security.
etc_shadow.txt · Last modified: 2025/02/01 06:59 by 127.0.0.1
