Linux user passwords and security policies

User and User password security:
Linux, like Windows, manages the operating system with user accounts.
There are two types of Linux users:
1: System User
2: Login User
A system user is an account that the system completes certain services in a specific capacity and cannot log on.
And landing user is we usually use the most. Landing users can be divided into two categories
Login User:
1: Super User
2: Normal User
The super user is root.
Ordinary users are usually used to manage the system, can log on the ordinary account, the privileges of the ordinary account is authorized, the landing of the ordinary account can only do the right within the thing.
The Linux operating system does not identify users by user name, but is a UDI that identifies users with user identities.
In CENTOS6, the root user identifies the identity of the 0 system user from 1-499.
Login user from 500-60000.

In CentOS, the root user ID is 0
The identity of the system user is from 1-999
Login user from 1000-60000

User password configuration file and password security policy:
Password configuration file:
/ETC/PASSWD contains information about all users of the system, including user name, Uid,gid, comment information, user home directory, user shell type.

/etc/shadow contains password information, to $ for the delimiter, $ after the first paragraph is the password encryption mechanism, $ after the second paragraph is a random number, to prevent the user password at the same time, ciphertext is the same, the third paragraph is the real password. After the password is the most recent modification of the number of days, how many days can be modified password, password expiration time, the number of day before expiration reminder, freeze period.

/etc/group records information about all the groups on the system. Group name, password placeholder, GID, respectively

/etc/gshadow records the group information on the system, with this group as the user name for the additional group of users.

Password Security Policy:
1: Password to contain case, punctuation, numbers, special symbols
2: Change password regularly.

Password Change command: passwd

Usage:

PASSWD does not add a parameter to modify the current user's password.

passwd username plus the user name is the password for the specified user.

But passwd username only the root user has this permission.

　　

Linux user passwords and security policies