Interpretation of passwd file for password security

Source: Internet
Author: User
Tags gopher
In any Linux system there is a passwd file, stored in the /etc directory. This file holds information about every user account, including the user name and the password, so it is critical to the system. You can view the file with the following command:
# cat /etc/passwd

The following is the content of a passwd file:
root:sWMrPGa52GO1Y:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:
daemon:x:2:2:daemon:/sbin:
adm:x:3:4:adm:/var/adm:
lp:x:4:7:lp:/var/spool/lpd:
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:
news:x:9:13:news:/var/spool/news:
uucp:x:10:14:uucp:/var/spool/uucp:
operator:x:11:0:operator:/root:
games:x:12:100:games:/usr/games:
gopher:x:13:30:gopher:/usr/lib/gopher-data:
ftp:x:14:50:FTP User:/home/ftp:
nobody:x:99:99:Nobody:/:
arp:GFcoDv58s4YYg:500:500:user:/home/somebody:/bin/bash
You can see accounts such as root and arp in it.
A passwd file consists of multiple records, one per line, each recording all the information of one user account.
Each record consists of seven fields separated by the colon ":". The format is as follows:
username:password:UserID:GroupID:comment:homedirectory:shell

The meaning of each field is:
(1) username: the user name, which uniquely identifies a user account and is entered when the user logs on.
(2) password: the password of the account. The password stored in the passwd file is encrypted. The encryption algorithm used by Linux is very strong, and the password is almost impossible to crack directly. Account theft therefore usually relies on special hacker programs that construct countless candidate passwords, encrypt each one with the same algorithm, and compare the result with this field; a match means the constructed password is correct. For this reason the author suggests that readers do not use birthdays, common words and similar choices as passwords: such passwords fall quickly to these programs. This matters especially for systems directly connected to a large network, where system security is paramount.
(3) UserID: the user identifier, UID for short. Internally, Linux identifies a user by UID rather than by user name. The UID is an integer, and each user's UID is different from every other user's.
(4) GroupID: the user group identifier (GID). Different users can belong to the same user group and share the same permissions. Like the UID, the GID uniquely identifies a user group.
(5) comment: a comment the administrator attaches to the user account, usually the user's real name, phone number, address and so on; it may also be empty.
(6) home directory: the directory that belongs to this account. After a user logs on, the user is placed in this directory, like returning home. The home directory of the root account is normally /root, and the home directories of other accounts are under /home and carry the same name as the user name; this can of course be changed to another location.
(7) login command: the command executed after the user logs on. Usually this command starts a shell program. Users who have used a BBS know that after logging on with the BBS account they go straight into the BBS system: the BBS account's login command points to the BBS program, so it runs automatically when that account logs on.

1. Default Account
The system also has some default accounts, such as adm, daemon, bin and sys. Readers can find them in the passwd file shown above. These accounts have special purposes and are generally used for system management. For example:
The bin account owns executable files.
The sys account owns executable files.
The adm account owns the account files (such as passwd) and the log files.
On large workstations the superuser may want to hand heavy maintenance tasks to other maintenance staff without granting them root privileges; these accounts are used in that case. The password field of most of these accounts is an asterisk, meaning they cannot be used to log on.

2. Security Password
To enhance system security, Linux can also provide users with MD5 and shadow password services. If the MD5 and Shadow options are selected in the related configuration when the Red Flag Linux Server edition is installed, the /etc/passwd file differs slightly from the example file above: the password field in /etc/passwd is "*" for every user, which on its own means these users cannot log on, while the system actually stores the real password data in the /etc/shadow file, which can be read only by root. The reason for this is simple. By design, /etc/passwd can be read by anyone, so anyone interested could take this file and use a variety of tools to guess user or even root passwords by encrypting candidates with the Linux password algorithm; the whole system would then be under that person's control, seriously endangering system security and the confidentiality of user data.
The encrypted password stored in /etc/passwd is compared with the encrypted form of the password entered at logon; logon is allowed if they match and denied otherwise. You can change your own password with the passwd command; the password field in /etc/passwd cannot be edited directly.
A good password should be at least six characters long. Do not use personal information (such as a birthday, a name, the login name spelled backwards, or anything visible in the room), and common English words are not good either, because they are open to dictionary attack. It is better to include some non-letters (digits, punctuation marks, control characters) in the password, and to memorise it rather than writing it on paper or in a computer file. A good way to choose a password is to join two unrelated words with a digit or control character and truncate the result to 8 characters. Of course, eight memorised random characters would be better still.
The same password should not be used on different machines, especially by users of different privilege levels, since a single compromise could then bring everything down. Users should change their password periodically, at least once every six months, and the system administrator can force periodic changes. To prevent a casual attacker from stealing a password, make sure nobody is watching when you type it.
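As an added example (not code from the article), the following Python script ties the seven-field format described above to the shadow-password point of this section: it parses each record into its seven fields and reports accounts whose password field still holds a hash instead of "x" or "*", empty password fields, extra UID 0 accounts and duplicate UIDs. The sample file is constructed from the article's example records; the function and type names are assumptions of this example.

```python
from typing import NamedTuple

class PasswdEntry(NamedTuple):
    username: str
    password: str
    uid: int
    gid: int
    comment: str
    home: str
    shell: str

# Constructed sample modelled on the article's example file; not taken from a real host.
SAMPLE_PASSWD = """\
root:sWMrPGa52GO1Y:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:
daemon:x:2:2:daemon:/sbin:
sync:x:5:0:sync:/sbin:/bin/sync
nobody:x:99:99:Nobody:/:
arp:GFcoDv58s4YYg:500:500:user:/home/somebody:/bin/bash
"""

def parse_passwd(text: str) -> list[PasswdEntry]:
    """Split every non-empty line into the seven colon-separated fields."""
    entries = []
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip():
            continue
        fields = line.split(":")
        if len(fields) != 7:
            raise ValueError(f"line {lineno}: expected 7 fields, got {len(fields)}")
        user, pw, uid, gid, comment, home, shell = fields
        entries.append(PasswdEntry(user, pw, int(uid), int(gid), comment, home, shell))
    return entries

def audit_passwd(entries: list[PasswdEntry]) -> list[str]:
    """Flag hashes visible in the world-readable file, empty passwords,
    extra UID-0 accounts and duplicate UIDs (all points the article raises)."""
    findings = []
    seen_uids: dict[int, str] = {}
    for e in entries:
        if e.password == "":
            findings.append(f"{e.username}: empty password field")
        elif e.password not in ("x", "*", "!", "!!"):
            # Anything else is a hash sitting in /etc/passwd, i.e. shadow is not in use.
            findings.append(f"{e.username}: password hash exposed in /etc/passwd")
        if e.uid == 0 and e.username != "root":
            findings.append(f"{e.username}: UID 0 but not root")
        if e.uid in seen_uids:
            findings.append(f"{e.username}: duplicate UID {e.uid} (also {seen_uids[e.uid]})")
        seen_uids.setdefault(e.uid, e.username)
    return findings
```

Run against a real host with `audit_passwd(parse_passwd(open("/etc/passwd").read()))`; on a system using shadow passwords the sample's two "hash exposed" findings should not appear.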