/etc/shadow file in Linux

The ‘/etc/shadow’ file in Linux contains the password and password-related information of the users listed in the /etc/passwd file.

An entry in the /etc/shadow file contains nine colon-separated fields and looks like:

a:b:c:d:e:f:g:h:i

a → Username

The name of the user whose password details the entry contains.

b → Password

This is the encrypted (hashed) password. The password can include special characters, digits, lowercase letters, uppercase letters and several other characters. The password format is usually ‘$id$salt$hashed’, where $id identifies the algorithm used in GNU/Linux for hashing. The ids and their hashing algorithms are as follows:

$1$ is MD5

$2a$ is Blowfish

$2y$ is eksBlowfish

$5$ is SHA-256

$6$ is SHA-512

  • !! or ! indicates that the account is present but no password is set for it, so the user cannot log in while the password field holds one of these values.
  • :*: indicates that the account is disabled.
  • :: indicates that the user can log in without a password. In other words, the password has been removed or the password field is empty.

c → Date Password Last Changed

The date the password was last changed, expressed as the number of days since January 1, 1970 (also called the epoch). This information is used in conjunction with the password aging fields that follow this field.

d → Number of days before password can be changed

The minimum number of days that must pass before the password can be changed.

e → Number of days before a password change is required

The number of days before the password must be changed.

f → Number of days warning before password change

The number of days before password expiration during which the user will be warned to change the password.

g → Number of days before the account is disabled

The number of days after a password expires before the account will be disabled.

h → Date since the account has been disabled

The date (stored as the number of days since the epoch) since which the user account has been disabled.

i → A reserved field for future purpose

A field that is currently ignored, i.e. a reserved field for future use.
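The nine fields described above can be decoded mechanically. The following is an added example, not code from the original post: it splits an entry, classifies the password field using the ids and markers listed on this page, and converts the day counts to calendar dates. The function names, dictionary keys and sample entries are constructed for illustration.

```python
from datetime import date, timedelta

# Hash ids exactly as listed on this page.
HASH_IDS = {"1": "MD5", "2a": "Blowfish", "2y": "eksBlowfish",
            "5": "SHA-256", "6": "SHA-512"}
FIELDS = ("user", "password", "last_change", "min_days", "max_days",
          "warn_days", "inactive_days", "expire", "reserved")
EPOCH = date(1970, 1, 1)

def classify_password(pw):
    """Map the password field (b) to the states described above."""
    if pw == "":
        return "empty (login without password)"
    if pw in ("!", "!!"):
        return "no password set"
    if pw == "*":
        return "disabled"
    parts = pw.split("$")  # "$id$salt$hashed" -> ["", id, salt, hashed]
    if pw.startswith("$") and len(parts) >= 4:
        return "hash:" + HASH_IDS.get(parts[1], "unknown id " + parts[1])
    return "unrecognised"

def parse_shadow_line(line):
    """Split one entry into its nine fields and decode the day counts."""
    values = line.rstrip("\n").split(":")
    if len(values) != 9:
        raise ValueError("expected 9 fields, got %d" % len(values))
    entry = dict(zip(FIELDS, values))
    entry["password_state"] = classify_password(entry["password"])
    # Fields c to h are day counts; an empty field means "not set".
    for key in FIELDS[2:8]:
        entry[key] = int(entry[key]) if entry[key] else None
    # Fields c and h are days since the epoch, so they map to dates.
    for key in ("last_change", "expire"):
        days = entry[key]
        entry[key + "_date"] = None if days is None else EPOCH + timedelta(days=days)
    # A change is required max_days (field e) after the last change (field c).
    entry["password_expires"] = None
    if entry["last_change"] is not None and entry["max_days"] is not None:
        entry["password_expires"] = (entry["last_change_date"]
                                     + timedelta(days=entry["max_days"]))
    return entry

# Constructed sample entries; the salt and hash are placeholders, not real values.
SAMPLE = [
    "alice:$6$SALTSALT$HASHPLACEHOLDER:18628:0:90:7:14::",
    "svc:!!:18628:0:99999:7:::",
    "guest::18628:0:99999:7:::",
]
```

Running `parse_shadow_line` over each entry of a copy of the file gives a quick audit of which accounts have an empty password field or still use an older hash id.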
