User management of Linux

Encryption/Decryption

PlainText, ciphertext

Common methods of encryption:

Symmetric encryption

Public Key cryptography: The public key is generated in the private key;

One-way encryption: The document can be generated by the plaintext ciphertext; in strict sense, it realizes the extraction of the data signature;

The same data, using the same algorithm, the results of multiple calculations will be the same, so it is often used to verify data integrity;

Fixed-length output: Regardless of the original data size, encrypted result input size is the same;

Avalanche effect: Microwave changes of initial conditions will result in great changes in results;

Md5:message Digest 128bit

Sha1:secure Hash Algorithm 160bits

Sha256:256bits

Sha512:512bits

Password in the Shdown file:

$ cryptographic Algorithm $8 bit random character $ encrypted password

Encryption algorithm:

centos6:sha512

Centos5:md5

CHSH command:

Cash[option] ... [Username]

-L: List available shells on current system

-s/path/to/shell: Modify to specify SHELL

CHFN Command: Modify comment information

Chage: Modify password expiration information for a user account

CHAGE–L username viewing expired information with a user

GPASSWD command: Add a password to a group

Etc/gshadow

When the user switches his or her base group to this group, if it has this group as an additional group, it switches directly; otherwise, a password is required;

NEWGRP: Switch user's basic group;

Newgrp group_name

Su USERNAME: Non-login switching means that the original user's environment is still set to the SU

Su–username: Login switching means using the target user's environment settings, the original user failed.

Echo $PATTH

Return to the original user using the Exit command

Su–username-c ' command ': Exit after executing command as Target User: no real switch

Practice:

1. Create the user Slackware, whose ID is 2002, the basic group is distro, and the additional group is Peguin;

#groupadd distro

#groupadd Peguin

#useradd –u 2002–g distro–g Peguin Slackware

2. Modify the default shell for Slackware/bin, tcsh;

#usermod –s/bin/tcsh Sclackware

3. Add additional group admins for it;

#groupadd Admin

#usermod –a–g Admins Sclackware

4. Add a password for Slackware, and require a minimum password age of 3 days, the maximum is 180 days, warning for 3 days;

#passwd –n 3–x 180–w 3 Slackware

5. Add user OpenStack, whose ID number is 3003, the base group is clouds, and the additional group is Peguin and Nova.

#groupadd Peguin

#goupadd Nova

#useradd –u 3003–g clouds–g Peguin,nova

6. Add user MySQL, ask its shell to be/sbin/nologin;

#useradd –r–s/sbin/nologin MySQL

7. Use the echo command to add a password for opensatack, non-interactive;

#echo "Mageedu" | Passwd–-stdin OpenStack

User management of Linux