Configuration file and password of ubuntu users

The configuration files/etc/passwd,/etc/shadow, and/etc/group are all text files used for system account management. they can be opened in text editors such as vim. /Etc/passwd is used to store user account information,/etc/shadow is used to store the encryption password of each user,/etc/group is used... the configuration files/etc/passwd,/etc/shadow, and/etc/group are all text files used for system account management. they can be opened in text editors such as vim. /Etc/passwd is used to store user account information,/etc/shadow is used to store each user's encrypted password, and/etc/group is used to store user group information. I. The/etc/passwd sudo vim/etc/passwd content is: root: x: 0: 0: root:/bin/bash xiaoxiaozi: x: 1000: 1000: xiaoxiaozi,:/home/xiaoxiaozi:/bin/bash each line represents an account. Yes, there are dozens of accounts. although there are many accounts, you must know that, many accounts are required in the system and are called System accounts. For example, both bin and nobody are system accounts. These accounts are required for the normal operation of the system. The format is composed of strings separated by semicolons. the format is as follows: username: password: uid: gid: allname: homedir: Chinese description of shell domains: user name: password: User ID: group ID: User Full name: home directory: logon to shell as an example, to explain: user name: not to explain. Password: The previous Linux password exists directly in this file, and now it is in/etc/shadow. if it is "!", the password stored in the latter is represented by x. This user cannot log on with a password. This is also the ROOT cause of failure to log on with the ROOT account when Ubuntu is installed. UID: indicates the user ID. if the UID is 0, it indicates that the account is an administrator ~ 499 is reserved for the system, mainly for some system services, but it does not matter if you use it. 500 ~ 65535 is for general users. GID: it is related to the/etc/group file, that is, the ID of the user initialization group. User information description column: Useless. it refers to the explanation of this user. I think I should repeat the user name home directory, which is the user's "main folder ", generally, the home directory of xiaoxiaozi is/home/xiaoxiaozi Shell: SHELL script. now it is usually BASH by default, so we can see its popular programs. II. the/etc/shadow sudo vi/etc/shadow Unix system originally stored the password in plaintext. Later, due to security concerns, crypt () the algorithm encryption password is stored in the/etc/passwd file. Nowadays, the increase in computer processing capability makes password cracking more and more easy. The/etc/passwd file is accessible to all legal users, and the encrypted strings of passwords are accessible to each other. this poses a great security threat to the system. The modern Unix system uses the shadow password system, which separates the password from the/etc/pa sswd file and stores the real password in the/etc/shadow file, shadow files can only be accessed by superusers. In this way, intruders cannot obtain the encrypted password string for cracking. After www.linuxidc.com uses the shadow password file, the content of the password domain of all accounts in the/etc/passwd file is "x". if the content of the password domain is "*", the account is disabled. Content: root :!: 14402: 0: 99999: 7: xiaoxiaozi: $6 $ 9Dm1F/MTo $ rLKI4LJEZ1m1k63zzK9M3FoNdZRUTB1pbN3Igibbo9fo. w4EQl74J7oa1c3ogmDbmJQHdV2toEMXX7taEU0 /. 0: 14402: 0: 99999: 7: format: username: password: last_change: min_change: max_change: warm: failed_expire: expiration: for the meanings of each reserved field, refer to the following explanation: Account name: we are not stupid. we must know that the password must correspond to the account. Therefore, the first field here is the account name, which is normal. Password: this is the real password, but it is encrypted. Generally, the hacker can still crack it. so here I changed my password to several characters. If the first character in the password column is * OR !, Indicates that this number is not used for logon. Date on which the password was recently changed: why is it a weird number like 14402. That is because it is based on January 1, 1970 as the 1st day, and then sequentially add. Days when the password cannot be changed: that is, you can set it to 10000 if you don't want a user to change the password frequently. The number of days the password needs to be changed again: like the above, it is a bit difficult, that is, the number of days in which your password must be changed. Warning date before the password change period: for example, if you set the last column to 20 days and then set this to 5 days, then there will be 5 days to 20 days (true ?? Close ?? Low latency far? Why? Ldquo; you have five days to change your password. Otherwise, you will not be able to log on. "The password expiration Grace Time: well, when everyone forgets and is lazy, that is, your password has expired (you haven't changed it on the day you have to change it) and you set this item to 10, you can log on with the original password within 10 days after expiration. But I don't know if there are any Prompts. it should be in theory. Account expiration time: do not need to mention this? We use WP, and there is an expiration time in the space provider, which is controlled by this thing. Retained: that is to say, I haven't thought much about it yet. However, what do you need to pull in the future? 3. all user group information is stored in the/etc/group File. Grouping users is a way to manage users and control access permissions in Linux. Each user belongs to a user group. a group can contain multiple users, and a user can belong to different groups. When a user is a member of multiple groups at the same time, the main group to which the user belongs is recorded in the/etc/passwd file, that is, the default group to which the user belongs during logon, other groups are called additional groups. To access files in an additional group, you must first use the newgrp command to make yourself a member of the group to be accessed. All user group information is stored in the/etc/group file. The format of this file is also similar to the/etc/passwd file. several fields are separated by colons (:). These fields include: Group name: Password: group ID number: Group User List 1) the group name is the name of the user group, which consists of letters or numbers. Same as the login name in/etc/passwd, the group name should not be repeated. 2) the "password" field stores the encrypted password of the user group. Generally, users in Linux do not have a password, that is, this field is generally blank, or *. 3) the "Group ID" is similar to the user ID and is also an integer used internally to identify the group. 4) the "Group User list" is a list of all users in this group/B]. different users are separated by commas. This user group may be the user's primary group or an additional group. An example of the/etc/group file is as follows: # cat/etc/group root: 0: root bin: 2: root, bin sys: 3: root, uucp adm:: 4: root, adm daemon: 5: root, daemon lp: 7: root, lp users: 20: root, sam [/code: 1: aca506e246]