Unix based OSes like Linux maintain user password in /etc/shadow file in encrypted algorithm basically in hash method.
You can view this file with standard Linux text editor or with cat command:
# cat /etc/shadow
file has default permission of 600 which mean only root user can read
or write this file and other users are denied to access this file which
obvious it should since it contains root and other users password.
Whenever any user authentication happen Linux refer this file. So this
file is very important for user authentication in Linux.
Example of /etc/shadow file with its parameter values detail:
| | | | | ||||
1. 2. 3. 4. 5. 220.127.116.11.
Values order wise:
2. Encrypted Password
3. Last password change
4. Minimum password age
5. Maximum password age
6. Warning period
7. Inactivity period
8. Expiration date
file contain each user entry per line starting with root user then
system and normal users. This file also contains user account
information along with its password seperated by colons (:).
The /etc/shadow contain password in $type$salt$hashed format. $type is the method of encryption hash algorithm. This file support below encryption hash algorithm types for storing user password:
$1$ – MD5
$2a$ – Blowfish
$2y$ – Eksblowfish
$5$ – SHA-256
$6$ – SHA-512
You can identify password encryption type with above value number available in second column.
If this file contain * or !
in any user password field that means password for that user is locked
and cannot be authenticate through password in system but that user can
access system either by key based authentication or by switching to his
user id from other user account.