User, Group, and Rights management
Multi-tasking, multi-user
Per User:
User ID, password;
Authentication
Authorization
Audit
Group: A user group, a container for users
User Category:
Administrator
Normal User
System user
Login user
User ID: UserID, UID
16-bit binary number: 0-65535
Admin: 0
Normal Users: 1-65535
System User: 1-499 (CentOS6), 1-999 (CentOS7)
Login User: 500-60000 (CentOS6), 1000-60000 (CentOS7)
Name resolution: Name translation
Username <--> UID
Resolved using the name resolution database: /etc/passwd
Group:
Group Category 1:
Administrators group
Normal user group
System Group
Login Group
Group ID: GroupID, GID
Administrators group: 0
Normal User group: 1-65535
System User group: 1-499 (CentOS6), 1-999 (CentOS7)
Login User group: 500-60000 (CentOS6), 1000-60000 (CentOS7)
Name resolution: GroupName <--> GID
Resolution database: /etc/group
Group Category 2:
Primary (basic) group of the user
Additional (supplementary) groups of the user
Group Category 3:
Private group: The group name is the same as the user name and contains only one user;
Public group: Multiple users are included in the group;
Authentication information:
Whether the information supplied at login matches the data stored beforehand;
Password
/etc/shadow
/etc/gshadow
Password usage policy:
1. Use random passwords;
2. Minimum length of at least 8 characters;
3. Use at least three of the four character classes: uppercase letters, lowercase letters, numbers, and punctuation;
4. Change passwords regularly;
Encryption algorithm:
Symmetric encryption: Encryption and decryption use the same key;
Asymmetric encryption: A pair of keys is used for encryption and decryption;
Key pair:
Public key
Private key
One-way encryption: Can only encrypt, not decrypt; extracts a signature (digest) of the data;
Fixed-length output
Avalanche effect
Algorithm:
MD5: Message Digest, 128 bits
SHA: Secure Hash Algorithm, 160 bits
sha224
sha256
sha384
sha512
A salt (an added random number) is mixed in at calculation time;
/etc/passwd: User information database
name:password:UID:GID:GECOS:directory:shell
Name: User Name
Password: Can be an encrypted password, or the placeholder x;
UID: The user's ID number;
GID: The ID number of the primary group to which the user belongs;
GECOS: Comment Information
Directory: The user's home directory;
Shell: The default shell of the user, the default shell program when logging in;
/etc/shadow: User passwords
user name:encrypted password:last password change:minimum age:maximum age:warning period:expiration period:reserved field
/etc/group: Group information database
group_name:password:GID:user_list
user_list: The user members of the group; the list of users that have this group as an additional group;
Related commands: useradd, userdel, usermod, passwd, groupadd, groupdel, groupmod, gpasswd, chage, chsh, id, su
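
The /etc/passwd field layout and the UID ranges above can be checked mechanically. The following Python sketch is an added example, not part of the original notes: it parses passwd-format lines, classifies each UID using the CentOS 7 ranges given above, and flags entries worth a closer look. The sample accounts and the hash-like string are constructed, and treating "root" as the only expected UID 0 name is an assumption.

```python
from collections import namedtuple

# The seven colon-separated fields: name:password:UID:GID:GECOS:directory:shell
Entry = namedtuple("Entry", "name password uid gid gecos directory shell")

# Constructed sample input, not taken from a real system.
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
alice:x:1000:1000:Alice:/home/alice:/bin/bash
backup:x:0:1001:Backup operator:/home/backup:/bin/bash
legacy:$6$examplesalt$constructedhashvalue:1002:1002::/home/legacy:/bin/bash
guest::1003:1003::/home/guest:/bin/bash
"""

def parse_passwd(text):
    """Split each non-empty line into the seven passwd fields."""
    entries = []
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip():
            continue
        fields = line.split(":")
        if len(fields) != 7:
            raise ValueError(f"line {lineno}: expected 7 fields, got {len(fields)}")
        name, password, uid, gid, gecos, directory, shell = fields
        entries.append(Entry(name, password, int(uid), int(gid), gecos, directory, shell))
    return entries

def classify(uid):
    """Map a UID to the user category from these notes (CentOS 7 ranges)."""
    if uid == 0:
        return "administrator"
    if 1 <= uid <= 999:
        return "system"
    if 1000 <= uid <= 60000:
        return "login"
    return "other"

def audit(entries):
    """Return (name, finding) pairs for entries that need review."""
    findings = []
    for e in entries:
        if e.uid == 0 and e.name != "root":  # assumption: only root should hold UID 0
            findings.append((e.name, "UID 0 on a non-root account"))
        if e.password == "":
            findings.append((e.name, "empty password field"))
        elif e.password != "x":
            findings.append((e.name, "password field is not the x placeholder"))
    return findings

if __name__ == "__main__":
    for name, finding in audit(parse_passwd(SAMPLE_PASSWD)):
        print(f"{name}: {finding}")
```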