Linux/etc/shadow file

Linux/etc/shadow file

** In a Linux operating system, a file is responsible for the passwords of all users. That is shadow. The permission for this file must be set:
-R---(400) or-rw--(600)
That is, the Linux/etc/shadow file is a file that only the system administrator has the right to view and modify. **

** The record lines in the/etc/shadow file correspond one to one with those in/etc/passwd. It is automatically generated by the pwconv command based on the data in/etc/passwd.

Its file format is similar to/etc/passwd and consists of several fields separated. These fields are :**

Login Name: encrypted password: last modification time: minimum interval: maximum interval: warning time: inactive time: expiration time: Flag

1) The "Login Name" is the same as the login name in the/etc/passwd file. 2) the "password" field stores the encrypted user password. If it is empty, the corresponding user does not have a password and does not need a password during logon. The asterisk indicates that the account is locked. The two exclamation points indicate that the password has expired. $6 $ indicates that it is encrypted with a SHA-512, $1 $ indicates that it is encrypted with MD5 $2 $ is encrypted with Blowfish $5 $ is encrypted with a SHA-256. 3) "last modification time" indicates the number of days from a certain time point to the last password change. The start time may be different for different systems. For example, in SCOLinux, the start time is January 1, January 1, 1970. 4) "minimum interval" refers to the minimum number of days required between two password changes. 5) The "maximum interval" indicates the maximum number of days for password persistence. 6) The "warning time" field indicates the number of days from when the system starts to warn the user to when the user password is officially invalid. 7) "No activity time" indicates the maximum number of days that the user has not logged on to the activity but the account remains valid. 8) the "expiration time" field shows an absolute number of days. If this field is used, the validity period of the corresponding account is given. After expiration, this account is no longer a legal account and cannot be used for logon.