Whenever a new user account is created in Linux system, all information pertaining to that user is stored in /etc/passwd file, except for the encrypted password of the user. In spite of no password being stored in /etc/passwd file, it is called as "passwd" file because in earlier days password of the user used to be stored in this file.
So where is the user password stored? The encrypted user password is stored in /etc/shadow file. This is the control file used by /usr/bin/passwd command to check the legitimacy of user password.
Let us demonstrate how the entry looks for user "foo" in /etc/passwd and /etc/shadow
/etc/passwd file has seven fields as follows
Username:Password:UID:GID:Comment:Home Directory:Login Shell
foo:x:500:500::/home/foo:/bin/bash
For user foo, we observe that in the second field - password field, no encrypted password is stored and just contains an x.
For every line in /etc/passwd file, there exists a corresponding entry in /etc/shadow file. So for user "foo", the encrypted password of the user is stored in /etc/shadow file as follows
foo:$6$NVajcTOy$UT0RSwmUzXcr7ulUbyWKbjSmY/w2WbIe1N0leYq50iDlRYPcu.ozDsynkJZGNWn/rGrK5u5tgyZW4FHHG/mf0.:15454:0:99999:7:::
$6$NVajcTOy$UT0RSwmUzXcr7ulUbyWKbjSmY/w2WbIe1N0leYq50iDlRYPcu.ozDsynkJZGNWn/rGrK5u5tgyZW4FHHG/mf0. is the encrypted password of the user foo
No comments:
Post a Comment