Shadow password for system data files and information

The encrypted password is a copy of the user password that has been processed by the one-way encryption algorithm. Because this algorithm is one-way, you cannot guess the original password from the encrypted password.

The algorithms used in history always generate 13 printable characters from 64 character sets. Some newer systems use the MD5 Algorithm to encrypt the password, generating 31 characters for each encrypted password.

An encryption Password is provided, and an algorithm cannot be found to reverse it to a common text Password (the common text Password is the Password typed after the Password: prompt ). However, you can guess the password, convert it into an encrypted form using a one-way algorithm, and then compare it with the user's encrypted password.

To make it difficult for people who attempt to do so to obtain the original data (encrypted password), some systems now store the encrypted password in another file, usually called shadow password. The file must contain at least the user name and encrypted password. Other information related to the password can also be stored in the file (Table 6-2 ).

Spwd * getspnam (* spwd * getspent (setspent (endspent ();

There is no shadow password structure in FreeBSD 5.2.1 and mac OS X 10.3. The additional account information is stored in the password file.

This blog is excerpted from advanced programming for UNIX environments (version 2) and used only for personal learning records. For more information about this book, refer:Http://www.apuebook.com/.